Radu Cotescu's professional blog

vsFTPd and Symbolic Links

vsFTPd is probably the most secure FTP daemon available for *nix operating systems, and a number of Linux distributions ship it as their default FTP server. Because it is built with security as its main purpose, it comes with some limitations.

One of these limitations concerns symbolic links. vsFTPd doesn’t allow browsing a symbolic link whose target is outside the user’s chroot: once the session is chrooted, the path the link points to no longer exists from the daemon’s point of view. Let’s try the following scenario (based on my router’s configuration):

  1. we have this folder: /tmp/harddisk/music

  2. we have the following folder for the user: /tmp/harddisk/ftp_pvt/user

  3. we create a symbolic link inside the user’s folder to point to the music folder:

     ln -s /tmp/harddisk/music /tmp/harddisk/ftp_pvt/user/music

It seems like everything is okay. As long as the permissions on the music folder grant access to the right users, anybody following that symbolic link on the system should be able to do whatever they are allowed to do. But when trying to access that folder (following the symbolic link) via vsFTPd, the user will get:

Status:   Retrieving directory listing...
Command:  CWD /disc0_3/ftp_pvt/user/music
Response: 550 Failed to change directory.
Error:    Failed to retrieve directory listing

So, what’s the solution besides the stupid one of copying the directory that you want to be accessed to a place where the user has access? Simple. Mount! How? Well, like this:

  1. create a directory inside the user’s chroot:

     mkdir /tmp/harddisk/ftp_pvt/user/music
    
  2. mount the folder you want the user to access using the bind option:

     mount --bind /tmp/harddisk/music /tmp/harddisk/ftp_pvt/user/music
    

Now vsFTPd can properly give access to folders and files located outside of a user’s chroot without compromising security. Any complaints?
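The check below is an added example, not part of the original post: it walks a user's FTP directory, lists the symbolic links that resolve outside it (the ones vsFTPd answers with 550), and prints the mkdir and mount --bind commands from the steps above for each one. The function names are hypothetical, and it assumes GNU or BusyBox readlink with -f and paths without newlines or single quotes.

```shell
#!/bin/sh
# Added example (not from the original post). Nothing is mounted or deleted:
# the functions only report links and print the commands to run by hand.
# Assumes readlink -f (GNU/BusyBox); paths without newlines or single quotes.

# escaping_links CHROOT_DIR
# Prints "link<TAB>resolved target" for each symlink that leaves CHROOT_DIR.
# Not covered: absolute links pointing back inside the chroot, which a
# chrooted process also resolves against its own root.
escaping_links() {
    root=$(readlink -f "$1") || return 1
    find "$root" -type l | while IFS= read -r link; do
        # Resolve the link as the non-chrooted system sees it.
        target=$(readlink -f "$link") || continue
        case "$target" in
            "$root"|"$root"/*) ;;                      # stays inside the chroot
            *) printf '%s\t%s\n' "$link" "$target" ;;   # unreachable once chrooted
        esac
    done
}

# bind_plan CHROOT_DIR
# For each escaping link that points at a directory, prints the commands
# that replace the link with a bind mount at the same path.
bind_plan() {
    escaping_links "$1" | while IFS="$(printf '\t')" read -r link target; do
        [ -d "$target" ] || continue   # the steps above bind directories only
        printf "rm '%s'\n" "$link"
        printf "mkdir '%s'\n" "$link"
        printf "mount --bind '%s' '%s'\n" "$target" "$link"
    done
}
```

A bind mount made this way lasts only until umount or reboot, and the FTP user gets whatever the target directory's own permissions allow. With util-linux mount, a following mount -o remount,bind,ro on the mount point makes the bound view read-only.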
