Summary: | net-ftp/vsftpd default options | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Charlie Page <charlie.page> |
Component: | New packages | Assignee: | Roy Marples (RETIRED) <uberlord> |
Status: | RESOLVED UPSTREAM | ||
Severity: | enhancement | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Charlie Page
2007-02-15 19:10:09 UTC
(In reply to comment #0) > I became aware of this as someone using Internet Explorer to ftp into my server > was like "I see directories, boot.." Well done; sorry but running a server assumes you know what you are doing; if not, then don't moan here. I am saying that: 1)`chroot_local_user=` should be in the default config file /etc/vsftp/vsftp.conf. 2)the default should be YES. 3)this would be a much more secure default setting. 4)security is good. From the man page chroot_local_user If set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login. Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails. Default: NO The man page clearly implies that you should know about chroot before activating this option. As such upstream will have to change their documentation before I even think about changing the default. |