LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page [SOLVED] VSFTP: chrooted virtual user ignores file system permissions
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 06-05-2010, 08:48 AM   #1
gospodin.horoshiy
LQ Newbie
 
Registered: Jun 2010
Posts: 2

Rep: Reputation: 0
Question VSFTP: chrooted virtual user ignores file system permissions

Hi all, I have a problem, that chrooted VIRTUAL USER completely ignores system file permissions so any folder or file could be deleted no matter what... Could someone give me a hand here?


OS: Ubuntu 8.04 Server


vsftpd config:
Quote:
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES


dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list

secure_chroot_dir=/var/run/vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key


virtual_use_local_privs=YES
guest_enable=YES

user_sub_token=$USER
local_root=/home/ftp/$USER
hide_ids=YES
user_config_dir=/etc/vsftpd/users


by default all virtual users should run as system user named ftp however, virtual user can delete folder like that easily via ftp connection:

drwxr-xr-x 2 root root 4096 2010-06-05 17:43 tdnm
or even folder like so:
dr-xr-xr-x 2 root root 4096 2010-06-05 17:43 tdnm

Don't really know what to do.. I tried changing guest user in config,
Tried removing the user from chroot jail - to no avail...

I think i'm missing something... Please help
 
Old 06-07-2010, 02:34 AM   #2
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
The permission to remove the (sub-)folder tdnm comes from write-permission on the parent folder. Did you check that?

I'd recommend chroot'ing the virtual users in any case, especially if they have write permission (e.g. permission for uploading files).
 
1 members found this post helpful.
Old 06-07-2010, 01:41 PM   #3
gospodin.horoshiy
LQ Newbie
 
Registered: Jun 2010
Posts: 2

Original Poster
Rep: Reputation: 0
Thatt was it! Thanks!!
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
A normal user now has write permissions for the whole file system 16777216 Ubuntu 2 10-23-2006 09:32 AM
VSFTP Virtual User Configuration vsftpd_virtual_conf Linux - Software 1 05-21-2006 08:53 AM
VSFTP Virtual Users chrooted to NTFS Help please murdocthecrackmongre Linux - Software 2 07-05-2005 06:43 PM
vsFTP user permissions scriptkiddie Linux - General 0 06-29-2004 08:14 AM
about vsftp chrooted user... raymond Linux - General 5 08-18-2003 09:20 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:49 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration