LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   FTP chroot_local_user Security implications (http://www.linuxquestions.org/questions/linux-server-73/ftp-chroot_local_user-security-implications-936636/)

WideloaD 03-27-2012 04:22 AM

FTP chroot_local_user Security implications
 
On Ubuntu Server 9.10 (legecy system) I have setup "vsftpd"

This is simply to allow clients to FTP stuff to their webserver without me having to do it for them.

I have created a noshell user with a home directory pointing to thier webserver root.

I have set the uploaded files flag to change permissions to the webserver user on upload and I have limited them to only browse their home directory using the chroot_local_user.

This part has a security warning and I fail to see what the problem is - several sites go on about the simplicity of jail breaking but surely without this set the user could stomp all over the file system anyway?

My Question is; is it better to have this than not have this set? I trust my users and the passwords are strong.

And... Is it better to use the "chroot_list_enable" rather than the blanket "chroot_local_user"?

In the face of this I would much rather have a list that says "ONLY ALLOW THE FOLLOWING USERS TO FTP IN".

Thanks
Paul

unSpawn 03-28-2012 07:21 PM

Quote:

Originally Posted by WideloaD (Post 4637388)
is it better to have this than not have this set?

In short: yes but.
* Yes because even if FTP credentials would be leeched (not that uncommon for users running A Certain Other OS) it would not grant the user rights to perform system recon.


Quote:

Originally Posted by WideloaD (Post 4637388)
I trust my users and the passwords are strong.

In turn I say there is no compelling reason to trust unprivileged users by default.
* Yes but be aware chrooting is part of system security but does not constitute system hardening, there's more required.
* Yes but be aware it does not prevent a user uploading any file and having Perl or PHP execute it. Examples: running scripts involving .htaccess modification, loading crontabs, MySQL injection, local or remote file inclusion and such due to running vulnerable applications or plugins in the web application stack. That's why keeping up to date, auditing and proper system hardening are important.


Quote:

Originally Posted by WideloaD (Post 4637388)
And... Is it better to use the "chroot_list_enable" rather than the blanket "chroot_local_user"?

It's the choice of chrooting all users versus chrooting a list of users. A choice for the first option obviously ensures everyone is automagically chrooted so no newly added account need to be added to any list.


Quote:

Originally Posted by WideloaD (Post 4637388)
In the face of this I would much rather have a list that says "ONLY ALLOW THE FOLLOWING USERS TO FTP IN".

Using Vsftpd with a PAM stack you can use the listfile module to create a list of allowed local user accounts.


All times are GMT -5. The time now is 03:27 AM.