Hi all, I have a problem, that chrooted VIRTUAL USER completely ignores system file permissions so any folder or file could be deleted no matter what... Could someone give me a hand here?
OS: Ubuntu 8.04 Server
vsftpd config:
Quote:
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
secure_chroot_dir=/var/run/vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/home/ftp/$USER
hide_ids=YES
user_config_dir=/etc/vsftpd/users
|
by default all virtual users should run as system user named
ftp however, virtual user can delete folder like that easily via ftp connection:
drwxr-xr-x 2 root root 4096 2010-06-05 17:43 tdnm
or even folder like so:
dr-xr-xr-x 2 root root 4096 2010-06-05 17:43 tdnm
Don't really know what to do.. I tried changing guest user in config,
Tried removing the user from chroot jail - to no avail...
I think i'm missing something... Please help