LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Secure FTP
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-12-2010, 08:49 AM   #1
pedrokoma
LQ Newbie
 
Registered: Apr 2010
Posts: 6

Rep: Reputation: 0
Secure FTP

Hi,

I run ProFTPd with TLS authentication on my Debian Lenny server. My problem is that despite of the fact that my users connect chrooted, one of my friends had root privileges after logging in form a Macintosh and could browse the root directory, too.

Any ideas?

Peter
 
Old 04-12-2010, 03:31 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Not to split hairs, but to steer the discussion in the right direction you might refer to your service as FTPS (FTP over SSL/TLS, not to be confused with SFTP, which is totally different).

This is an application layer problem, so crank up those debug logs and review the behavior you see for his particular client. Also, talk through things with the user from his perspective to ensure that he is really seeing "/", and not just his perception of "/" (which is of course his chrooted directory).
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
secure ftp mrobb Linux - General 2 09-15-2004 12:07 PM
secure ftp? ziggie216 Linux - Software 5 12-13-2003 06:55 AM
Secure ftp from IE jqcaducifer Linux - General 2 08-15-2003 01:27 PM
Secure FTP Sathe Linux - Security 6 06-03-2003 06:53 PM
Secure FTP pilot1 Linux - General 2 11-06-2002 08:35 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:22 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration