ftp security

Hi all,

Are there any white papers on setting up ftp, where a user logs in from any system to put a file on another UNIX machine.

eg. the external user puts a file in "ddd". We only want them to have access to this directory for write purposes and access no where else.

Can we put an acl for a specific user on "ddd" so this is the only directory they can go to ?

/aaaa/bbb/ccc/ddd

Any advice would be good. So far any solution I have thought of has holes in it.

Hi.

Dont know what ftpd HP-UX uses but i would check out proftpd www.proftpd.org

/Peter

HP's ftpd is based on wuftpd. It supports chroot which can lock a user into a directory. See "man ftpaccess".

We have switched to PureFTP which has great security features. It's available ready to install from the HP-UX freeware sites.