× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.




Great point. ÂI'll have to code that fix.

If NetIQ had the flexibility that I needed I'd use it in a heartbeat. ÂBut
it doesn't support passwords more than 10 characters. ÂAnd several other
tricks that we've done over the years, (like a second file really means
process the first).

Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com


|-----------------------------+-------------------------------------------|
|   "Kurt Goolsbee"           |                                           |
|   <kurt.goolsbee@xxxxxxxxxxx|                                           |
|   om>                       |                                         To|
|   Sent by:                  |                                    "'Midra|
|   midrange-l-bounces@midrang|                                    nge    |
|   e.com                     |                                    Systems|
|                             |                                    Technic|
|   08/11/2004 05:09 PM       |                                    al     |
|                             |                                    Discuss|
|         Please respond to   |                                    ion'"  |
|         Midrange Systems    |                                    <midran|
|       Technical Discussion  |                                    ge-l@mi|
|      <midrange-l@xxxxxxxxxxx|                                    drange.|
|                m>           |                                    com>   |
|                             |                                         cc|
|                             |                                           |
|                             |                                     Fax to|
|                             |                                           |
|                             |                                    Subject|
|                             |                                    RE: IFS|
|                             |                                    directo|
|                             |                                    ry     |
|                             |                                    visibil|
|                             |                                    ity    |
|                             |                                    from   |
|                             |                                    FTP    |
|                             |                                           |
|                             |                                           |
|                             |                                           |
|                             |                                           |
|                             |                                           |
|                             |                                           |
|-----------------------------+-------------------------------------------|






Just make sure that you donât enforce this with a simple compare of the
first x bytes of the path - you have to resolve the dots. ÂFor instance, if
Fred can get to "/home/fred" don't just check that the request path starts
with "/home/fred" because you can pass the check by using mget
"/home/fred/../../qsys.lib/production.lib/payroll.file/*.mbr"
This is also a good test to see how good a commercial exit point package
is.
I know that NetIQ (formerly PentaSafe) will pass the test but I'm not so
sure about all of the offerings that are being marketed.

Kurt
TriAWorks, Inc.

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Wednesday, August 11, 2004 4:24 PM
To: Midrange Systems Technical Discussion
Subject: Re: IFS directory visibility from FTP



What I often do is have the user go directly into a subdirectory via my
exit point program. ÂThen I set it up so they can only upload from one
directory, and download from another. ÂThey so much as try a CD or a DIR to
a directory that's not down from one of those two, and it rejects the
request.

Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com


|-----------------------------+-------------------------------------------|
| Â "James H H Lampert" Â Â Â | Â Â Â Â Â Â Â Â Â Â Â Â Â Â 
       |
| Â <jamesl@xxxxxxxxxxx> Â Â Â| Â Â Â Â Â Â Â Â Â Â Â Â Â Â 
       |
| Â Sent by: Â Â Â Â Â Â Â Â Â| Â Â Â Â Â Â Â Â Â Â Â Â 
        To|
| Â midrange-l-bounces@midrang| Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 
  <midrang|
|  e.com           |             
     e-l@midr|
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
      ange.com|
| Â 08/11/2004 04:13 PM Â Â Â | Â Â Â Â Â Â Â Â Â Â Â Â Â Â 
   >    |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
         cc|
|     Please respond to  |               
       |
|     Midrange Systems  Â|               
    Fax to|
| Â Â Â Technical Discussion Â| Â Â Â Â Â Â Â Â Â Â Â Â Â Â 
       |
| Â Â Â<midrange-l@xxxxxxxxxxx| Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 
  ÂSubject|
| Â Â Â Â Â Â Â Âm> Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
      IFS   |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
      director|
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
      y    |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
      visibili|
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
      ty from |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
      FTP   |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
          |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
          |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
          |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
          |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
          |
| Â Â Â Â Â Â Â Â Â Â Â Â Â Â | Â Â Â Â Â Â Â Â Â Â Â 
          |
|-----------------------------+-------------------------------------------|






Is it possible to hide IFS directories that the user doesn't have access
to, so they don't appear when listing the directory from FTP?

--
JHHL


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.