Mailinglist Archive: opensuse (4348 mails)

< Previous Next >
Re: [SLE] vsftpd and symlinks to directory
  • From: Verdi March <cincaipatron@xxxxxxx>
  • Date: Tue, 1 Oct 2002 16:57:55 +0800
  • Message-id: <200210011657.55594.cincaipatron@xxxxxxx>
Hm,

Your scenario work if anonymous couldn't upload.

By default the root of anonymous is "/windows/d". The anonymous
user's - "ftp" - home directory is "/windows/d/sources". Your suggested
scenario work if the user ftp can only 'read' into "/windows/d".

But if I tried to make user "ftp" has 'write' access -- by making user
"ftp" part of group "users" -- the anonymous login will not work.
=====
500 OOPS: vsftpd: refusing to run with writable anonymous root
ftp: Login failed.
=====

No wonder this thing is called 'very secure' ftpd.


Regards,
Verdi

On Tuesday 01 October 2002 16:03, Jon Clausen wrote:
> On Tue, Oct 01, 2002 at 01:57:18PM +0800, Verdi March wrote:
> > Hi,
> >
> > Yes. The target of my symlink is a fat32 partition.
> > The permissions I set upon mount is root:users, writtable
> > by all under group "users". My anonymous user is "ftp",
> > under group "daemon,users".
> >
> > I just verified this with a non-anonymous user. I created
> > a symlink in this non-anonymous' home directory
> > to the fat32 partition.
> > On the shell, I can access this fat32 partition (read,
> > write). Through ftp, I cannot change into this directory.
>
> Completely unresearched thoughts:
>
> IINM the above is by design (?) It would make some kind of sense (to
me
> anyway) that ftp dissallows following symlinks...
>
> How about maybe chroot'ing your anonymous user to the partition?
>
> HTH
>
> Jon Clausen


< Previous Next >
Follow Ups