40.9. Setting Directory Listing Options
Normally, when an FTP client requests a directory listing, ProFTPD will return a complete, accurate list in the format produced by the ls –l command. Sometimes this gives away too much information about your system, such as the names of users and groups or symbolic link destinations. It can often be useful to hide certain files that are not relevant to clients but must be kept in an FTP-accessible directory for other reasons. This kind of information hiding is best applied to anonymous FTP users, as they should not be able to discover anything about your system that they do not need to know.
To change the format of directory listings, follow these steps:
1. | On the module's main page, click on the icon for the default or virtual server for which you want to change directory listings to bring up its options page. |
2. | Assuming that you only want to change the listed information for anonymous clients, click on the Anonymous FTP icon to go to the anonymous FTP options page. Otherwise normal UNIX users will be affected as well. |
3. | Click on the Files and Directories icon to bring up a form similar to the one in Figure 40.3 for setting the various listing options. |
4. | |
5. | Similarly, to hide files with certain user ownership, fill in the Hide files owned by users field with a list of UNIX usernames. |
6. | To hide files that the anonymous FTP user would not be able to read, change the Hide files that cannot be accessed? field to Yes. |
7. | To have ProFTPD convert symbolic links in listings to their target file permissions and size, change the Show symbolic links? field to Yes. Normally both the link and target name are shown, and the displayed permissions and ownership are those of the link. Even with this feature enabled, however, the link target must still be within the anonymous FTP directory. |
8. | Normally, directory listings include the real user and group owners of files. To change this, set the Fake group in directory listings? field to Yes, as group. Then, from the box provided, select either ftp to force the group owner to be always shown as ftp, or the third radio button to have it shown as whatever group you entered into the adjacent text box. The Connected group option only really makes sense for non-anonymous clients, as it makes files appear to be owned by the primary group of the connected user. |
9. | You can also change the UNIX user owner of files with the Fake user in directory listings? field. If Connected user is chosen, files will appear to be owned by the user currently logged into the FTP server. |
10. | By default, ProFTPD will show real UNIX file permissions in listings. To force the display of fakes instead, select the second option in the Fake permissions in directory listings field and enter an octal number like 0644 of the kind used by the chmod command. This has no effect on the actual permissions that apply if a client tries to download or upload a file of course. |
11. | |
12. | Finally, hit the Save button at the bottom of the page to update the ProFTPD configuration file. |
13. | Return to the module's main page and press the Apply Changes button to make the settings active. |
As well as hiding certain files (as explained in Steps 4 and 5), you can also prevent clients from reading or writing those files altogether. This can be done using the Make hidden files inaccessible? field, explained in Section 40.12 “Restricting Access to FTP Commands”.