How to Control Downloads to the FTP Server

1. Become superuser or assume an equivalent role.

   Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

2. Add the following entries to the ftpaccess file to prevent users from retrieving files.

   noretrieve [absolute|relative] [class=classname]... [-] filename ...

   noretrieve

   Keyword that is used to deny retrieval of a particular file or files

   absolute|relative

   Parameter that specifies whether the root-dir directory paths are interpreted as absolute or relative to the current chroot directory

   class

   Keyword that is used to specify class=<classname> of users to which noretrieve restrictions apply

   filename

   Name of file the user is not permitted to retrieve

Example 28–14 Controlling Downloads to the FTP Server

noretrieve /etc/passwd

The preceding example states that all users are prevented from retrieving the /etc/passwd file.