How to make sftp user not have access to hidden files?

April 15, 2018 713

Security Ubuntu 16.04

By:

pinkp7996

How to make sftp user not have access to hidden files?

img: https://imgur.com/a/59ztt

Sign In to Comment

1 Answer

Woet April 15, 2018

Hidden files don’t have special permissions, use chmod/chown just like any regular file or dir.

Report

Have another answer? Share your knowledge.

Related

question

Is it possible to configure an sftp user for uploading and editing but NOT downloading files?

I know how to chroot (jail) a user to a folder, but now i need a user to be able to upload and edit but not download files (is this possible). I guess it does not make any sense right. Ha ha ha.
question

Set umask for another user

I have two users who are only ftp users I set them up using [this guide ](https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-for-a-user-s-directory-on-ubuntu-16-04) I would like to change their default permissions when creating files to 775 instead of 755. It seems like what I want is umask. But umask doesn't have an option to set for another user, only the logged in user (`umask 002`) and these users do not have ssh login, only ftp access. So I need some way of changing the umask of these users as root or sudo. There appears to be ~.profile but I changed the settings in here and it didn't make a difference Can anyone explain where I can change the umask for these users?
question

OpenLDAP Internal and External Authentication

Building out a platform that has a number of systems that will each need authentication. Some of these systems are public facing websites that will be used by the public and other systems are internal use only. Started to build out an OpenLDAP instance to support this, but then wondered if I should be doing more regarding public external users and trusted internal users. Could set this up with a ldap domain and then separate children, one for external and one for internal, but that seems like a potential security risk. Do people typically run two ldap servers and use a cron to sync the intranet ldap users to the dmz ldap or is there a best practice for this?
question

How To FIX CVE-2016-4484 on Ubuntu 16.04.1 LTS?

Hello Digital Ocean Community - I have done the following: root@www:~# sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="/GRUB_CMDLINE_LINUX_DEFAULT="panic=5 /' /etc/default/grub root@www:~# grub-install /dev/vda root@www:~# reboot Is this SAFE for security bug if I do this before the patch? Anyone know how I can fix this issue? Thank you in advance for any help!