Anders Johansson wrote:
On Sunday 11 May 2008 13:53:14 James Knott wrote:
<snip> # To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. DefaultRoot ~ <snip> Of course, if that's done, the user won't be able to do much, as he won't be able to access any executables that aren't in that jail.
Accessing executables? Breaking out of chroot?
What exactly do you and John do with your ftp servers?
Breaking out of a chroot jail is fairly easy, yes, if you're root and have a shell prompt. It's not that easy (or indeed possible) through an ftp client.
And I have never seen any need to access executables through an ftp client, unless I was trying to download them, in which case they should simply be copied to the ftp directory
If you're root and have a shell access you are the admin of the system and don't need any help to screw with the system. If I remember correctly, root login via ftp is disabled by default. That is a Good Thing considering that the root password would be submitted unencrypted. Under reasonable circumstances (user is not root, has no shell access, is limited to chroot directory, system is up-to-date) breaking out of an ftp chroot should be impossible. -- Sandy List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org