|
|
我用proftpd开了ftp,一开始默认的/home/ftp匿名访问是好的
后来我把匿名的目录改到了一个系统用户的目录下,并限制了匿名用户的写权限
然而匿名用户只能list,不能下载了。
请问这是怎么回事?
附上我的proftpd.conf:
#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
ServerName "木已成粥's FTP小站"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 60
TimeoutStalled 60
TimeoutIdle 60
DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"
DenyFilter \*.*/
#让proftp支持现在流行的FXP传输方式,默认是不支持的。
#只要在服务端设置
AllowForeignAddress on
PassivePorts 49152 65534 #端口也可自己指定喜欢的
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd off
# Uncomment this if you would use TLS module:
#TLSEngine on
# Uncomment this if you would use quota module:
#Quotas on
# Uncomment this if you would use ratio module:
#Ratios on
# Port 21 is the standard FTP port.
Port 52088
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
MaxClients 10 "对不起,小站已客满,请稍候" #最多允许10个用户在线
MaxClientsPerHost 1 "对不起,一个IP只允许一个连接"
#要想允许匿名登录,若<Anonymous /home/ftp>部分的User指令指定的用户为
#ftp用户,则需要在配置文件中添加该行
RequireValidShell off
#插入此行则不再显示版本信息。增强安全性?
ServerIdent off
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
#AllowStoreRestart on#以上两行允许上传续传
#AllowRetrieveRestart on#断点续续(下载)是默认支持的,不用设置
DefaultRoot ~ ftpusers #设置ftpusers组只能访问自己的目录
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php ... p;ID=LSS-2004-10-02
# It is on by default.
#DelayEngine off
# A basic anonymous configuration, no upload directories.
<Anonymous /home/hello/world> #hello为系统用户名(非管理员)
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
</Anonymous> |
|
IP卡
狗仔卡
发表于 2005-3-23 17:02:52
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
楼主