From owner-freebsd-questions@FreeBSD.ORG  Wed Aug  6 16:17:48 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BFCA01065673
	for <freebsd-questions@freebsd.org>;
	Wed,  6 Aug 2008 16:17:48 +0000 (UTC)
	(envelope-from glarkin@FreeBSD.org)
Received: from mail1.sourcehosting.net (113901-app1.sourcehosting.net
	[72.32.213.11]) by mx1.freebsd.org (Postfix) with ESMTP id 98DA08FC1E
	for <freebsd-questions@freebsd.org>;
	Wed,  6 Aug 2008 16:17:48 +0000 (UTC)
	(envelope-from glarkin@FreeBSD.org)
Received: from 68-189-244-97.dhcp.oxfr.ma.charter.com ([68.189.244.97]
	helo=Gregory-Larkins-Computer.local)
	by mail1.sourcehosting.net with esmtp (Exim 4.69 (FreeBSD))
	(envelope-from <glarkin@FreeBSD.org>)
	id 1KQlhq-000OFC-CJ; Wed, 06 Aug 2008 12:17:47 -0400
Received: from [127.0.0.1] (fireball.entropy.prv [192.168.1.12])
	by Gregory-Larkins-Computer.local (Postfix) with ESMTP
	id 3C47C2309B26; Wed,  6 Aug 2008 12:17:46 -0400 (EDT)
Message-ID: <4899CEA9.6030209@FreeBSD.org>
Date: Wed, 06 Aug 2008 12:17:45 -0400
From: Greg Larkin <glarkin@FreeBSD.org>
Organization: The FreeBSD Project
User-Agent: Thunderbird 2.0.0.16 (Windows/20080708)
MIME-Version: 1.0
To: John Almberg <jalmberg@identry.com>
References: <26259A11-0CE7-43FB-878C-1A989C1EB006@identry.com>	<3A0AA7018522134597ED63B3B794C92A0284D829@STA-HQ-S001.starcomms.local>	<E8A4465F-0D48-46F9-A5ED-B56E65BF05EB@identry.com>	<3A0AA7018522134597ED63B3B794C92A028ECB61@STA-HQ-S001.starcomms.local>
	<8722E123-56D1-4CA0-8F57-DB0FB299EBD3@identry.com>
In-Reply-To: <8722E123-56D1-4CA0-8F57-DB0FB299EBD3@identry.com>
X-Enigmail-Version: 0.95.6
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Score: -1.2 (-)
Cc: freebsd-questions@freebsd.org
Subject: Re: Controlling read access
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: glarkin@FreeBSD.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Aug 2008 16:17:48 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John Almberg wrote:
|> Hello John,
|>
|> There are some things that you can try.
|>
|> What if you connect from localhost and transfer files, is it still very
|> slow?
|> Try to disable TLS/SSL and see if this improve performance.
|> Increase debug level and check the log for any errors.
|
| Well, I am learning lots about FTP :-)
|
| I didn't realize that FTP uses extra ports for data channels (yes, I am
| a newbie). I use the PF firewall, which of course was blocking the
| needed ports. Once I opened them, the connections worked perfectly.
|
| I also moved the control port from 21 to a higher port, and disabled
| insecure FTP connections, requiring TLS/SSL for login.
|
| I also added pureftpd-enable="YES" to rc.conf, so I can start it up with
| /usr/local/etc/rc.d/pure-ftpd restart.
|
| So far, so good (newbie pats himself on back.) :-)
|
| Now I have just one major league problem: when I logged in as one of the
| users, to test the connections, I discovered that I had SUPER POWERS. I
| was able to delete any file that I could see, including ones that were
| owned by root. Digging uncovered the fact that pure-ftpd runs with root
| privileges... not so good for my situation.
|
| My guess is I need to compile with the --with-privsep switch turned on...
|
| So, finally I have a real FreeBSD question!
|
| What is the proper way, in ports, to set a configuration flag? The only
| way I could figure out was to add it to the Makefile.
|     PRIVSEP "Enable privilege separation" on \
|
| If this is the correct way to turn this compile switch on, it doesn't
| seem to work. After running:
|
| make deinstall
| make config         # checking the privilage separation box
| make reinstall
|
| The logged in user can still delete any file, regardless of permissions
| or ownership. This is clearly a problem... I don't want my users to be
| able to blow away their own websites while they are uploading some
| images. I am still digging for info on this problem. Any thoughts, much
| appreciated!
|
| -- John
|

Hi John,

Try this sequence instead, and you should be all set:


make deinstall
make clean
make config (skip this if you've already chosen the options you want)
make install

The clean target will make sure that your environment is reset back to a
known state.  The install target will then perform a fresh build and
install with the privsep option enabled.  If you already had binaries in
your port directory, then the reinstall target installs them without
rebuilding, as far as I can tell from reading /usr/ports/Mk/bsd.port.mk.

Hope that helps,
Greg
- --
Greg Larkin
http://www.sourcehosting.net/
http://www.FreeBSD.org/ - The Power To Serve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFImc6p0sRouByUApARAl9JAJ0ZN+B0Zwku8rxRNU8+fC9fCApofgCeKcC1
OgqUbzksT17KJzkA41ZvHVk=
=j9zs
-----END PGP SIGNATURE-----