Does anyone know if there is any way to change the home/root location of individual FTP accounts within IS?
Curently we have a standard install of IS 6.5.
If you create an FTP user IS creates a directory for them under ‘…/IntegrationServer/userFtpRoot’ (default location) named after their user name.
i.e. if the user name was ‘fred’ you get a directory structure of ‘…/IntegrationServer/userFtpRoot/fred’
The thing is, if you log in as ‘fred’, your root location is ‘…/IntegrationServer/userFtpRoot’ and not ‘…/IntegrationServer/userFtpRoot/fred’
This means users can run ls in the root location, and therefore list all the other user names in that directory. This also means users have to change directory to get to their account directory.
You can’t access the other user directories, so the data is still safe, but the fact that you can see the user names of other users is a concern to our security people.
With standard FTP on an OS (wu-ftpd etc.), you can restrict the root location of an account to a specific location per account, therefore the user is already in their account directory and can’t move anywhere else, therefore can’t see other peoples account names etc.
I know you can set the global root directory with the ‘watt.server.userFtpRootDir’ setting, but this doesn’t help.
If all else fails, any one have a suggestion for a decent FTP/FTPs/SFTP server app for AIX
I think you hit it with the last comment mate, with your security requirements, ditch the internal ftp server and go for a regular ftp, then pick the files off the file system with the file poller.
