Thu 5 Oct 2006
service is configured by enabling the service through xinetd or inetd, and by creating user accounts. Anonymous FTP is configured by installing the anonymous FTP package. For many Linux systems, this is all there is to FTP configuration. However, Linux systems that use Washington University FTP (WU-FTPD) have additional configuration options.

The ftpaccess File

WU-FTPD has an optional configuration file named /etc/ftpaccess. This file is read if the FTP daemon is run with the -a command line option. In the discussion of Listing 3.6, we saw that Red Hat does run the FTP daemon with the -a option, which means that Red Hat uses the ftpaccess file. The active entries in the Red Hat 7.2 ftpaccess file are shown in Listing 3.16.

Listing 3.16: Excerpts of the Red Hat ftpaccess File

    # Don’t allow system accounts to log in over ftp
    deny-uid %-99 %65534-
    deny-gid %-99 %65534-
    allow-uid ftp
    allow-gid ftp
    # To chroot a user, modify the line below or create
    # the ftpchroot group and add the user to it.
    guestgroup ftpchroot
    # User classes…
    class all real,guest,anonymous *
    # Set this to your email address
    email root@localhost
    # Allow 5 mistyped passwords
    loginfails 5
    # Notify the users of README files at login and cwd
    readme README* login
    readme README* cwd=*
    # Messages displayed to the user
    message /welcome.msg login
    message .message cwd=*
    # Allow on-the-fly compression and tarring
    compress yes all
    tar yes all
    # Prevent anonymous users (and partially guest users)
    # from executing dangerous commands
    chmod no guest,anonymous
    delete no anonymous
    overwrite no anonymous
    rename no anonymous
    # Turn on logging to /var/log/xferlog
    log transfers anonymous,guest,real inbound,outbound
    # If /etc/shutmsg exists, don’t allow logins
    shutdown /etc/shutmsg
    # Use user’s email address as anonymous password
    passwd-check rfc822 warn

Blank lines, inactive lines, and most of the comments have been removed from the ftpaccess file to create a listing that is more suitable for a book.
However, all of the active commands used in the Red Hat configuration are shown in Listing 3.16. The deny-uid and deny-gid commands define ranges of UIDs and GIDs that are not allowed to log in to the FTP server. In Listing 3.16, UIDs and GIDs that are less than 99 (%-99) or greater than 65534 (%65534-) are not allowed to log in. This blocks all of the UIDs and GIDs that are normally used for
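
To audit which accounts the deny-uid and allow-uid lines of Listing 3.16 leave able to log in, the following Python sketch parses those lines and evaluates a UID against them; it is an added example, not code from the book or from WU-FTPD. It assumes that range endpoints are inclusive, that an allow match overrides a deny match, and that the default is to allow; the SAMPLE_UIDS name-to-UID map and the function names are constructed for illustration.

```python
# Added example: evaluate WU-FTPD deny-uid/allow-uid rules for a given UID.
FTPACCESS = """\
# constructed from the active lines in Listing 3.16
deny-uid %-99 %65534-
deny-gid %-99 %65534-
allow-uid ftp
allow-gid ftp
"""

# Constructed name-to-UID map standing in for /etc/passwd lookups.
SAMPLE_UIDS = {"root": 0, "ftp": 14, "alice": 500}
MAX_ID = 2**32 - 1

def parse_range(token, names):
    """Turn one uid-range token into an inclusive (low, high) pair (assumed)."""
    if token == "*":                       # asterisk matches every ID
        return (0, MAX_ID)
    if not token.startswith("%"):          # account name such as "ftp"
        uid = names[token]
        return (uid, uid)
    body = token[1:]
    if "-" not in body:                    # single numeric ID, e.g. %14
        return (int(body), int(body))
    low, high = body.split("-", 1)         # open-ended on either side
    return (int(low) if low else 0, int(high) if high else MAX_ID)

def load_rules(text, names, kind="uid"):
    """Collect deny and allow ranges from the 'uid' or 'gid' lines."""
    rules = {"deny": [], "allow": []}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments
        if fields and fields[0] in (f"deny-{kind}", f"allow-{kind}"):
            action = fields[0].split("-", 1)[0]
            rules[action] += [parse_range(t, names) for t in fields[1:]]
    return rules

def _match(uid, ranges):
    return any(low <= uid <= high for low, high in ranges)

def login_permitted(uid, rules):
    """Assumed semantics: a deny match blocks unless an allow range matches."""
    return not _match(uid, rules["deny"]) or _match(uid, rules["allow"])

if __name__ == "__main__":
    rules = load_rules(FTPACCESS, SAMPLE_UIDS)
    for name, uid in SAMPLE_UIDS.items():
        print(f"{name:8} uid={uid:<6} permitted={login_permitted(uid, rules)}")
```

With the sample map, root is blocked by the %-99 range, while ftp falls inside the same range but is let through by allow-uid ftp.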