Opened 19 years ago
Closed 19 years ago
#1769 closed defect (fixed)
proftpd instructions
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | high | Milestone: | 6.2.0 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description (last modified by )
From Alexander E. Patrakov:
The current BLFS instructions for proftpd include the following:

    install_user=proftpd install_group=proftpd \
    ./configure --prefix=/usr --sysconfdir=/etc \
                --localstatedir=/var/run
This results in the /usr/sbin/proftpd binary owned by the proftpd user. This is very wrong. Daemon binaries should be owned by root but run as a user.
Suppose that someone finds a security hole in proftpd that gives read-write access outside /home/ftp with the rights of the proftpd user (i.e., the user for anonymous access). This hole becomes a root hole then, because the attacker can overwrite /usr/sbin/proftpd and wait for a server reboot.
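The following check is an added example, not part of the ticket or of BLFS: it flags a daemon binary that the account it runs as could replace (the exact misconfiguration reported above), by inspecting ownership and mode. It assumes GNU stat(1) and id(1) are available, as on a BLFS system; the classification itself is a pure function so it can be exercised on constructed values.

```shell
#!/bin/sh
# Added example (not from the ticket). Reports whether a daemon binary such as
# /usr/sbin/proftpd could be overwritten by the service account it runs as.

# classify_binary OWNER GROUP MODE USER USER_GROUPS
#   OWNER/GROUP: owning user and group of the binary
#   MODE:        octal mode as printed by `stat -c %a` (755, 4755, ...)
#   USER:        account the daemon runs as (e.g. proftpd)
#   USER_GROUPS: space-separated groups USER belongs to
# Prints a verdict; returns 0 only when root owns the file and USER cannot write it.
classify_binary() {
    owner=$1 group=$2 mode=$3 user=$4 user_groups=$5
    # Keep only the rwx digits: stat may prefix a setuid/setgid/sticky digit
    # (4755) and prints short modes without leading zeros (0 for ----------).
    case ${#mode} in
        1) perm=00$mode ;;
        2) perm=0$mode ;;
        *) perm=${mode#"${mode%???}"} ;;
    esac
    g=${perm#?}; g=${g%?}          # group digit
    o=${perm#??}                   # other digit
    if [ "$owner" = "$user" ]; then
        echo "UNSAFE: $owner owns the binary and can replace it"; return 1
    fi
    if [ $((o & 2)) -ne 0 ]; then
        echo "UNSAFE: world-writable (mode $perm)"; return 1
    fi
    if [ $((g & 2)) -ne 0 ]; then
        for grp in $user_groups; do
            if [ "$grp" = "$group" ]; then
                echo "UNSAFE: group-writable and $user is in group $group"; return 1
            fi
        done
    fi
    if [ "$owner" != root ]; then
        echo "WARN: owned by $owner, expected root"; return 1
    fi
    echo "ok: owned by root, not writable by $user"
}

# check_daemon_binary PATH USER: gather the fields with GNU stat(1) and id(1)
# (assumed present) and classify them.
check_daemon_binary() {
    [ -e "$1" ] || { echo "missing: $1"; return 1; }
    classify_binary "$(stat -c %U "$1")" "$(stat -c %G "$1")" \
        "$(stat -c %a "$1")" "$2" "$(id -Gn "$2" 2>/dev/null)"
}

# Run as: sh check-daemon-binary.sh /usr/sbin/proftpd proftpd
if [ $# -ge 2 ]; then
    check_daemon_binary "$1" "$2"
fi
```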
Change History (2)
comment:1 by , 19 years ago
Description: | modified (diff) |
---|---|
Milestone: | future → 6.2 |
Owner: | changed from | to
comment:2 by , 19 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Removed 'install_user=proftpd install_group=proftpd' so files get installed as root.
Changed home directory to /srv/ftp