Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 31351 - Proftpd 1.2.9_rc2 ignores AllowOverwrite directive
Summary: Proftpd 1.2.9_rc2 ignores AllowOverwrite directive
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: All Linux
: High critical (vote)
Assignee: Nick Hadaway
URL: http://forums.gentoo.org/viewtopic.ph...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-10-17 07:02 UTC by Chris McCracken
Modified: 2004-01-05 13:09 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Chris McCracken 2003-10-17 07:02:06 UTC 
The ebuild for net-ftp/proftpd 1.2.9_rc2 has a bug in it that causes the
AllowOverwrite directive to be ignored, thus not allowing remote FTP users to
overwrite existing files.  This has been fixed in version 1.2.9_rc3.  The
proftpd ebuild needs to be updated to the new version.

Reproducible: Always
Steps to Reproduce:
1. Use the AllowOverwrite directive in your config file
2. Using an ftp client, try to overwrite an existing file on your server.


Actual Results:  
It will fail with the error "error 550 overwrite permission denied".  With
certain FPT clients, the existing file you are trying to overwrite is deleted
and you have neither the new nor the old version of the file on the server.

Expected Results:  
Allowed you to overwrite your existing file with the new one.
Comment 1 Chris McCracken 2003-10-17 07:04:03 UTC 
Whoops, forgot to add `emerge info` output:

scoobysnacks root # emerge info
Portage 2.0.49-r13 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r1, 2.4.20-gentoo-r2)
=================================================================
System uname: 2.4.20-gentoo-r2 i686 Intel(R) Pentium(R) 4 CPU 2.00GHz
Gentoo Base System version 1.4.3.10p1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O2 -mcpu=i686 -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /var/qmail/control /usr/share/config /usr/kde/2/share/config
/usr/kde/3/share/config"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-O2 -mcpu=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="sandbox ccache autoaddcvs"
GENTOO_MIRRORS="http://gentoo.mirrors.pair.com/ http://gentoo.chem.wisc.edu/gentoo/
http://adelie.polymtl.ca/ http://gentoo.noved.org/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 oss apm arts avi crypt encode foomaticdb gpm imlib kde gnome libg++
mad mikmod mpeg ncurses nls pdflib quicktime sdl spell svga xmms xv zlib
gdbm berkdb slang readline tcpd libwww ssl perl python oggvorbis -X -opengl
-motif -java -alsa -qt -gtk -cups mysql sasl png jpeg tiff truetype gif innodb
maildir pam xml xml2 apache2"
Comment 2 Nick Hadaway 2003-10-17 09:02:59 UTC 
proftpd-1.2.9_rc3 is now in portage which should address this issue.  Please
test and let me know if things work properly for you.
Comment 3 Chris McCracken 2003-10-17 09:15:40 UTC 
Tested proftpd-1.2.9_rc3.  Seems to have fixed the problem and seems stable
to me.  Thanks for the quick action!  Gentoo developers KICK ASS!
Comment 4 Jonathan Stewart 2003-11-30 23:46:05 UTC 
I'm not sure anyone will read this, but can someone tell me why, after this security issue, and the subsqeuent update, 1.2.9rc2 is still the unmasked version in portage?  Why hasn't it been upgraded to r3, or even 1.2.9?
Comment 5 Thilo Bangert (RETIRED) (RETIRED) gentoo-dev 2004-01-05 13:09:29 UTC 
i have to agree with comment #4

1.2.9 has been out since the 31st of october...

:-(
best regards
Thilo