Become superuser or assume an equivalent role.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
Add the following entries to the ftpaccess file to prevent users from retrieving files.
noretrieve [absolute|relative] [class=classname]... [-] filename ...
Keyword that is used to deny retrieval of a particular file or files
Parameter that specifies whether the root-dir directory paths are interpreted as absolute or relative to the current chroot directory
Keyword that is used to specify class=<classname> of users to which noretrieve restrictions apply
Name of file the user is not permitted to retrieve
The preceding example states that all users are prevented from retrieving the /etc/passwd file.