46.7. Configuring an Anonymous FTP ServerProviding an anonymous FTP server allows anyone to anonymously download (and possibly upload) files. Normally, logging into an FTP server requires an account. Anonymous FTP creates an anonymous account and carefully limits its capabilities, so that you don't have to create a full account for everyone you might want to allow access to. An anonymous FTP connection operates within a chroot, that is, an isolated area (see the manpage for chroot(8) and chroot(2) for more details on what a chroot is). A few basic things need to be provided within the chroot: a copy of ls, minimal versions of /etc/passwd (sans passwords) and /etc/group to allow ls to display files properly, and so forth. Some platforms provide a simple anonymous FTP setup. RedHat has an RPM called anonftp-* that installs a proper chroot. FreeBSD's install tool can set up an anonymous FTP chroot for you. Check your platform documentation to see if it has a simple setup for you. Failing that, refer to CERT's guide on safely setting up anonymous FTP at http://www.cert.org/tech_tips/anonymous_ftp_config.html. -- DJPH Copyright © 2003 O'Reilly & Associates. All rights reserved. |
|