|
You can do that in the QIBM_QTMF_SERVER_REQ - VLRQ0100 exit. You will have to know what directory they are constrained to - from a configuration file somewhere hopefully. You will get the target of the change directory command passed to you in one of the exit program parameters. If they entered a relative path name then the server will pass you your current directory with the relative path appended to the end. Before you check to see if the path they are trying to change to starts with a path they are allowed to access, you should edit the path for dots, dot-dots, multiple slashes. I've seen exits that allow you to circumvent path constraints by doing this: cd /home/ftpdir/../.. The edited path should be / Kurt -----Original Message----- From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Tom Hightower Sent: Friday, February 18, 2005 11:55 AM To: midrange-l@xxxxxxxxxxxx Subject: Re: How do I force an FTP user to '/home/ftpdir'? I was thinking that I might need to modify the FTP exit programs I have in place. The exit programs access a table which specifies what FTP commands the user profile can and can't do (mkdir, cd, del, etc). I guess I could add a flag to their entry in the table which says to position them to a homedir. But if I allow them access to the 'chdir' command, how would I keep them from accessing a 'higher-level' directory? Group profiles, with appropriate access rights to objects, libraries and folders? Or could I somehow do that with an exit program? Tom Gary Monnier said the following on 2/18/2005 10:54 AM: > They will need to use an exit program on one of two FTP signon exit > points (exit point QIBM_QTMF_SVR_LOGON format TCPL0200 or format > TCPL0300). They will allow you to return an initial home directory. > > -----Original Message----- > From: midrange-l-bounces@xxxxxxxxxxxx > [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Tom Hightower > Sent: Friday, February 18, 2005 8:09 AM > To: midrange-l@xxxxxxxxxxxx > Subject: How do I force an FTP user to '/home/ftpdir'? > > > > Customer wants to setup a generic FTP account for their tech support > folks in the field. Along with that account, they have an IFS directory > > called '/home/software' which has the software that they need to install > > at various customer sites. > > When they login via FTP using that account, the tech folks need to be > positioned directly in that support directory, and to have access to > nothing else other than that directory (or its subdirectories). No > going to a higher-level directory, no deleting files in that directory > (or sub-directory), no running of AS400 commands. > > The 'no-deletes' and 'no-commands' requirement I can handle with FTP > exit programs, but how do I handle the directory requirements? > > Tom > -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
