[simonmartin]

I have managed to get ftp working on a spare mac but I would like to allow outsiders to upload files to my "dropbox" by ftp. At the moment I can only access my home folder on the server with the full username/password. Then I can access and see the *whole* home folder. If I enter in "guest" as a password I get bumped off.

How can I allow a password of "guest" and then allow read/write access only to one specific folder?

I could create a user of guest/guest but it's not very elegant... (read Mac-like! :-) and I'd like people to be able to drop docs into *my* dropbox...

Thanks

Simon
London Uk

<small>[ 07-11-2002, 10:26 AM: Message edited by: simonmartin ]</small>

[davechen]

You pretty much have to make a guest account. OS X (and other Unixes) don't allow more than on password for a given user name. Once you've done that you can set up a link so that your drop box shows up in the guest's home directory.

[simonmartin]

</font><blockquote><font size="1" face="Geneva, Verdana, Arial, sans-serif">quote:</font><hr /><font size="1" face="Geneva, Verdana, Arial, sans-serif">Originally posted by davechen:
<strong>You pretty much have to make a guest account. OS X (and other Unixes) don't allow more than on password for a given user name. Once you've done that you can set up a link so that your drop box shows up in the guest's home directory.</strong></font><hr /></blockquote><font size="1" face="Geneva, Verdana, Arial, sans-serif">Dave,

That's a good idea... You mean just drop an alias of my dropbox into the shared (for instance) folder in the "guest" home folder?

I'll give it a go.

Thanks

Simon
London Uk

[Millennium]

There's a more secure way of doing this, but it will take some NetInfo finagling:</font>

• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Create a user named "ftp" in group "ftp".</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Disable login for ftp, and point its shell to /dev/null (this user won't be doing formal logins anyway).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Set the home directory of ftp to be the folder containing your drop box (presumably /Users/username/Public).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Put yourself in the ftp group.</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">(Close out of NetInfo; we're done there).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">chgrp your Public folder (and the drop box) to ftp.</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Make your Public folder group readable and group writeable (user and group ONLY, not global).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Make your drop box (which should be in your Public folder) group writable, but readable only to you.
  </font></li>

<font size="1" face="Geneva, Verdana, Arial, sans-serif">This will allow standard anonymous FTP, which will go into your Public folder.
DiSCLAIMER: I don't know if this is the most secure way of doing things. It's the most secure way I could think of to do what you want. There may be better ways, though. Yes, this is hard. There's a reason for that. Allowing anonymous FTP users to upload files is a huge security risk. The only time I ever got hacked was because of this, actually (I didn't use this method back then).

[simonmartin]

</font><blockquote><font size="1" face="Geneva, Verdana, Arial, sans-serif">quote:</font><hr /><font size="1" face="Geneva, Verdana, Arial, sans-serif">Originally posted by Millennium:
<strong>There's a more secure way of doing this, but it will take some NetInfo finagling:</font>

• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Disable login for ftp, and point its shell to /dev/null (this user won't be doing formal logins anyway).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Set the home directory of ftp to be the folder containing your drop box (presumably /Users/username/Public).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Put yourself in the ftp group.</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">(Close out of NetInfo; we're done there).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">chgrp your Public folder (and the drop box) to ftp.</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Make your Public folder group readable and group writeable (user and group ONLY, not global).</font></li>
• <font size="1" face="Geneva, Verdana, Arial, sans-serif">Make your drop box (which should be in your Public folder) group writable, but readable only to you.
  </font></li>

<font size="1" face="Geneva, Verdana, Arial, sans-serif">This will allow standard anonymous FTP, which will go into your Public folder.
DiSCLAIMER: I don't know if this is the most secure way of doing things. It's the most secure way I could think of to do what you want. There may be better ways, though. Yes, this is hard. There's a reason for that. Allowing anonymous FTP users to upload files is a huge security risk. The only time I ever got hacked was because of this, actually (I didn't use this method back then).</strong></font><hr /></blockquote><font size="1" face="Geneva, Verdana, Arial, sans-serif">Millenniun,
Wow, thanks for that but it sounds a bit too complex for my brain, sadly. I might give it a go though...

At the moment I am attempting to get SAMBA running, using Xamba.

Do you think this might be an easier bet?

At the moment I'm falling at an early hurdle: When attempting to "Restart all NetInfo domains on localhost" in Netinfo Manager I get: "Can't finf process id for 'nibindd'"

I have emailed the developer but I don't know if you can help there...

Thanks mate

Simon
London Uk

[dont.wanna.tell]

Uhm... you might do all this....

Or you might check out VersionTracker! ;-)

Have a look at <a href="http://www.versiontracker.com/moreinfo.fcgi?id=13170&db=mac" target="_blank">anonFTP</a> to do it all for you...

Have a nice day,

cu Martin