Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 22 Dec 2000 09:31:47 -0600
From:      "Hudson, Henrik H." <hhudson@eschelon.com>
To:        "'Vladimir I. Kulakov'" <kulakov@kudesniki.ru>
Cc:        "'security@freebsd.org'" <security@freebsd.org>
Subject:   RE: Directory invisible by FTP?
Message-ID:  <C1781C38F13DA040848FEFAD07311B1045977B@walleye.corp.fishnet.com>
next in thread | raw e-mail | index | archive | help 
Morning Vladimir-

Are you using the default BSD ftp daemon? I believe the issue is that when
you chroot a user, the daemon roots them before getting the path to a shell.
3 ways around this:

1) Use a FTP daemon which doesn't do this in a rooted environment (ProFTPD
is one)

2) Create a root owned /etc and /bin directory inside the users directory.
Place a copy of 'ls' in the bin and a then copy the passwd and group files
into your new /etc directory. Edit the passwd and group files to only
include root (wheel) and the user you want. Remove any references to
passwords. The passwd and group files are only necessary if you want to be
able to see usernames instead of UID and GIDS when people view their
directory.

3) Go home, have a christmas cake and not worry about it ;)


Henrik
---
Henrik Hudson


-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Vladimir I.
Kulakov
Sent: Friday, December 22, 2000 08:31
To: freebsd-security@FreeBSD.ORG
Subject: Directory invisible by FTP?


Hello,

  How can you explain the following situation. Some directory in
  user's home, let's say /home/user/www is not visible by ftp,
  but visible in my root shell...  All other files and directories in
  /home/user/ with the same access rights visible very vell in both
  shell and ftp... When you make cd www in ftp, you can see all
  contents of www, but www itself is still invisible :(

  The user has 'ftpchroot' for his home directory and /bin/false
  if master.passwd. All other users with the same configuration
  can see all directories very vell...

  I already tryed all possible reasons, but nothing helps :(

-- 
Best regards,
 Vladimir                          mailto:kulakov@kudesniki.ru




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C1781C38F13DA040848FEFAD07311B1045977B>