LISTSERV - HP3000-L Archives

HP3000-L Archives

February 2000, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L February 2000, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Big security problem ...
From:	Beghein Johan <[log in to unmask]>
Reply To:	Beghein Johan <[log in to unmask]>
Date:	Thu, 10 Feb 2000 08:52:31 GMT
Content-Type:	text/plain
Parts/Attachments:	text/plain (35 lines)

Hi all,

Could somebody help me to resolve a big security problem ?

I've users using ftp to put files on my system.
I've created the following directories:

/BOULAN/AC/in
/BOULAN/AC/in/ack
/BOULAN/AC/out
...
In mpe, BOULAN is an account and AC is a group, the rest are HFS
directories.

The user is connecting in accout BOULAN with homegroup AC.
At this moment, the user can traverse the HFS directories to put his files.

Recently, all my files in account BOULAN disapeared, except databases and
open files.
The reaon was a delete from this connected user.
I saw that this user can traverse the parent directories with 'cd ..' and
even go to other accounts.

I tried to resolved this issue with ACD's, but they are not allowed on group
and accounts.

Can anybody help me to prevent the user to go to the parent directories, or
to map /BOULAN/AC
as a root directory ?

Thank You.

Beghein Johan.
[log in to unmask]

ATOM RSS1 RSS2

RAVEN.UTC.EDU