配置VSFTPD在默认的情况下,用户可以用用cd .. 切换到上一级目录,如下
220 Welcome to digi ftp testing server
User (10.20.100.252:(none)): benjamin
331 Please specify the password.
Password:
230 Login successful.
ftp> dir
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Jan 08 18:38 alex
drwxr-xr-x 2 0 0 4096 Jan 08 18:37 alfa
drwxr-xr-x 2 0 0 4096 Jan 12 16:28 benjamin
drwxr-xr-x 2 0 0 4096 Jan 08 18:35 caren
226 Directory send OK.
ftp: 827 bytes received in 0.03Seconds 26.68Kbytes/sec.
ftp> cd ..
250 Directory successfully changed.
ftp> dir //显然,文件夹已经变更。如果在赋予用户写的权利,容易搞乱系统
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Jul 10 2009 bin
drwxr-xr-x 4 0 0 1024 Jul 10 2009 boot
drwxr-xr-x 10 0 0 7100 Jan 11 15:11 dev
drwxr-xr-x 4 0 0 4096 Dec 28 14:31 digi
drwxr-xr-x 15 0 0 4096 Jan 12 16:31 digibeijing
226 Directory send OK.
ftp: 1557 bytes received in 0.06Seconds 25.11Kbytes/sec.
ftp>
那么如何控制上述问题
1.[root@localhost vsftpd]# vi /etc/vsftpd/vsftpd.conf //编辑vsftpd.conf文件
*************************
chroot_local_user=YES //加入这3条语句
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
***************************
2.[root@localhost vsftpd]# service vsftpd restart
3.[root@localhost vsftpd]# vi /etc/vsftpd/chroot_list //新建chroot_list文件
************
alex //添加4个用户
alfa
caren
hansin
~
4.再用benjamin测试,发现cd ..后,还停留在原来的问价夹
[root@localhost vsftpd]# ftp 10.20.100.252
Connected to 10.20.100.252.
Name (10.20.100.252:root): benjamin
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (10,20,100,252,65,89)
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Jan 08 18:38 alex
drwxr-xr-x 2 0 0 4096 Jan 08 18:37 alfa
drwxr-xr-x 2 0 0 4096 Jan 12 16:28 benjamin
drwxr-xr-x 2 0 0 4096 Jan 08 18:35 caren
226 Directory send OK.
ftp> cd ..
250 Directory successfully changed.
ftp> dir
227 Entering Passive Mode (10,20,100,252,44,110)
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Jan 08 18:38 alex
drwxr-xr-x 2 0 0 4096 Jan 08 18:37 alfa
drwxr-xr-x 2 0 0 4096 Jan 12 16:28 benjamin
drwxr-xr-x 2 0 0 4096 Jan 08 18:35 caren
226 Directory send OK.
ftp>
5.更换为chroot_list文件中caren ,就可以切换目录。所以,要想有切换功能,需要加入到到chroot_list文件中,才可以
[root@localhost vsftpd]# ftp 10.20.100.252
Name (10.20.100.252:root): caren
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (10,20,100,252,99,176)
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Jan 08 18:38 alex
drwxr-xr-x 2 0 0 4096 Jan 08 18:37 alfa
drwxr-xr-x 2 0 0 4096 Jan 12 16:28 benjamin
drwxr-xr-x 2 0 0 4096 Jan 08 18:35 caren
drwxr-xr-x 2 0 0 4096 Jan 08 18:36 caroline
226 Directory send OK.
ftp> cd ..
250 Directory successfully changed.
ftp> dir
227 Entering Passive Mode (10,20,100,252,121,112)
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Jul 10 2009 bin
drwxr-xr-x 4 0 0 1024 Jul 10 2009 boot
drwxr-xr-x 10 0 0 7100 Jan 11 15:11 dev
drwxr-xr-x 4 0 0 4096 Dec 28 14:31 digi
drwxr-xr-x 15 0 0 4096 Jan 12 16:31 digibeijing
226 Directory send OK.
ftp>
阅读(1134) | 评论(0) | 转发(0) |
