vsftpd users restrictions

Hi all,

I've never needed to use a FTP service. I'm just setting it up for the hell of it.

I'm using vsftpd on a Red Hat 9 box.
(still haven't upgraded to fedora or any other distro on this server)

I want to allow a test user to login via ftp but only permit them to browse/access certain folders in /var/ftp.

I've created a group called "ftp". I set the permissions on /var/ftp/ so group can access it.

I created a user "testing" and make their home drive /var/ftp/pub and set shell to /sbin/nologin

I can log into the ftp server using this account, but disallowed them a shell.

However, they can still browse files outside /var/ftp even though the ONLY group they are part of is "ftp" which I only set group permissions to /var/ftp

Anyone know what I did wrong?

Thanks in advance.

EDIT:

Nevermind. I had to enable chroot() users to their home directories in /etc/vsftpd/vsftpd.conf and then create a list of the users I wanted to restrict.

I was about to say, chroot is your answer as it "hardcodes" the acceptable directory as absolute and therefore, when they do cd /, they don't get any further down the directory tree than their absolute base directory.

Personally, I'm glad to see vsftp instead of WS-FTP...the latter was alright but the former is easier to manage, IMHO.