installed opensuse 10.3 with Apache-LAMP server (ok)
installed vsftpd as ftp server (ok)
ftp login only for local user, no anonymous allowed.
Couple of user in the system
WEB documents in /srv/www/htdocs with default permission
Question:
from another pc in the same LAN, i want to ftp upload WEB documents in the htdocs folder, using let say user USER1. (actually using Dreamweaver)
The only solution i found so far is to assign the USER1 to the ROOT group, to be able to write/delete/etc in the folder.
-It’s the right way or does exist a better solution regarding security (not paranoid !!) ?
Actually the /srv , /srv/www and /srv/www/htdocs folders are user:group = root:root 0755 , so if the user in not ROOT or member of ROOT group he can’t write there.
No, do it the other way. Change the group of the web folder(s) to users (or better still create another group that has only the web updaters in it, if they are not all the users), and allow group write on the directories. Also set the config of vsftpd to chmod any uploaded files so that they are world-readable otherwise the web server cannot serve them.
pietrone62 wrote:
> Hello List,
>
> first time being here as newbie, so sorry !
>
> Well here is my situation:
>
> - installed opensuse 10.3 with Apache-LAMP server (ok)
> - installed vsftpd as ftp server (ok)
> - ftp login only for local user, no anonymous allowed.
> - Couple of user in the system
> - WEB documents in /srv/www/htdocs with default permission
>
> Question:
>
> - from another pc in the same LAN, i want to ftp upload WEB documents
> in the htdocs folder, using let say user USER1. (actually using
> Dreamweaver)
> - The only solution i found so far is to assign the USER1 to the ROOT
> group, to be able to write/delete/etc in the folder.
>
> -It’s the right way or does exist a better solution regarding security
> (not paranoid !!) ?
If your concerned about security then first dump FTP and use SFTP in its
stead. Much easier on firewalls etc. (uses the same port as SSH, i.e.
TCP:22) and by default encrypts everything from the get-go.
When you start the SSH server in openSUSE, the SFTP service is also running.
> - Actually the /srv , /srv/www and /srv/www/htdocs folders are
> user:group = root:root 0755 , so if the user in not ROOT or member of
> ROOT group he can’t write there.
So change the group owner and add the user with which you log-in as member
of that group.
> Please help me … newbie !!
Relying on pity is not a very reliable way to get help, better is to present
your problem in a comprehensible way, and show that you did your end of the
bargain too.