security level "Higher" and ftp

[Guest Stumbles]

Dealing with Mandrake Cooker. The security level is set to Higher. Trying to setup so a regular and anonymous user can ftp down files, no writing. I have an area /mnt/pcserver containing files users can download. I have proftpd setup as anonymous and it has the default of /var/ftp/pub. Users can access pub with no problem. The issue is with /mnt/pcserver.

 

The current setting for /mnt/pcserver is root:adm. I tried creating a symlink in /var/lib/pub called pcserver. Root can of course navigate from /var/ftp/pub/pcserver to /mnt/pcserver. However a normal user can't. If a normal user lists /var/ftp/pub/pcserver with -al the symlink is shown as brokern.

 

If a normal user ftp's in, konqueror shows the link but when they click on it an error says "file or folder does not exist".

 

I'm sure it's a permission thing but not clear how to solve it while retaining adequate security measures.

[Michel]

Mandrake-secuirty uses a file called /usr/mandrake/security/msec/...

I hope this is correct, I'm not at hoem right now. The files are called perm.4, level.4, ...

 

4 is a secuirtylevel(4=high)

 

It looks there for permissions that should be and checks that those permissions are really there evevry x time. So you can change the security-setting in those files and run msec.

 

You can change your secuirty-level zith msec x

x = {1,2,3,4,5} 4 is high security. You can also create you custom-security-files.

[linux_learner]

i would just chmod pcserver to 744, that is rwx-r--r-- that should do the trick.

 

what i would do is ls -al /mnt so i could see the permissions of the directory. it sounds like the current permissions are set to 700 or 600 (that would be rwx-------- or rw--------- ).