Solved

vfstpd umask and unix umask for ftp only users

Posted on 2004-09-02
2
608 Views
Last Modified: 2013-12-23
Hi

I've got a handful of users on my Debian server that are FTP only, they are chrooted to their home directly (I use vsftpd) and have their login shell set to /bin/false. Their home directory is used by Apache to host web sites.

What permissions should I set to these users home directories? I'm guessing 700.

What about the umask setting for vsftpd?

In need of some "best practice" guidance.


Gareth
0
Comment
Question by:localgareth
2 Comments
 
LVL 38

Accepted Solution

by:
yuzh earned 250 total points
ID: 11970582
It depends on what type of security you want to maintain and the data exchange between the
user in the same group.

I would set the FTP umask to 027, owner can do anything, groud user has rx, but no WRITE
permission. For the user's home, permissions are 750 as well (same reason as FTP).

Please have a look at the following docs to learn more:
http://techrepublic.com.com/5206-6286-0.html?forumID=11&threadID=117401&start=0
http://mandrakeuser.org/docs/mdoc/user/bastille-levels.html

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now