Gentoo Forums
running pure-ftp as non-root user
Reply to topic    Gentoo Forums Forum Index Networking & Security
m.mascherpa
Bodhisattva

Joined: 22 May 2002
Posts: 139
Location: italy

PostPosted: Sun Feb 16, 2003 6:35 pm    Post subject: running pure-ftp as non-root user

hi,
i've been using pureftpd for some time and i like
it a lot. it's powerful and secure.

BUT, recently i had a look at my processes owners
and i noticed pureftpd server as well as the other
threads are run as root. And there's no option
to have it switch to a lower privilege after binding
the port.

does anyone know any fast way to fix this?
i can imagine solutions to this but they're all very
hacky and not elegant... :)
_________________
mush keeps the dream alive
bsolar
Bodhisattva

Joined: 12 Jan 2003
Posts: 2764

PostPosted: Sun Feb 16, 2003 6:41 pm    Post subject:

Hi,

I think you can solve this by editing /etc/init.d/pure-ftpd.
Add the '-c' (or '--chuid') option to 'start-stop-daemon' and specify the username.

Also
Code:
man start-stop-daemon

might be of interest to you.
_________________
I may not agree with what you say, but I'll defend to the death your right to say it.
darktux
Veteran

Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Sun Feb 16, 2003 7:05 pm    Post subject:

bsolar wrote:
Hi,

I think you can solve this by editing /etc/init.d/pure-ftpd.
Add the '-c' (or '--chuid') option to 'start-stop-daemon' and specify the username.

Also
Code:
man start-stop-daemon

might be of interest to you.


You should've replied in English so that when someone asks the same question, they already have the answer.. :roll:
_________________
Lego my ego, and I'll lego your knowledge

www.tuxslare.org - My reborn website :P
bsolar
Bodhisattva

Joined: 12 Jan 2003
Posts: 2764

PostPosted: Sun Feb 16, 2003 7:12 pm    Post subject:

darktux wrote:
bsolar wrote:
Hi,

I think you can solve this by editing /etc/init.d/pure-ftpd.
Add the '-c' (or '--chuid') option to 'start-stop-daemon' and specify the username.

Also
Code:
man start-stop-daemon

might be of interest to you.


You should've replied in English so that when someone asks the same question, they already have the answer.. :roll:


Yeah I'm sorry...

btw have you tried? I'm trying but I cannot get it to work... I'm investigating... :evil:
darktux
Veteran

Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Sun Feb 16, 2003 10:16 pm    Post subject:

I understood your reply, but haven't tried it yet, I'll probably go through that tomorrow.
m.mascherpa
Bodhisattva

Joined: 22 May 2002
Posts: 139
Location: italy

PostPosted: Sun Feb 16, 2003 10:53 pm    Post subject:

thanks bsolar, but this is one of the options i already thought
about, and it's unfeasible because the ftp daemon needs to
be started with root privileges to open the privileged port 21.
so i can't start it in the way you suggested.

actually i can't think of any way that doesn't involve
editing the source code... :( :( :(
darktux
Veteran

Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Sun Feb 16, 2003 11:14 pm    Post subject:

Yeah, you always have to use root to open low ports, but the processes can later on be spawned to unprivileged users, just like Apache, or qmail, or proftpd, or.......... You got the :idea:

I guess we will just have to wait for more news from pureftpd I guess..
bsolar
Bodhisattva

Joined: 12 Jan 2003
Posts: 2764

PostPosted: Sun Feb 16, 2003 11:21 pm    Post subject:

From the PureFTPD README:
Code:
   ------------------------ PRIVILEGE SEPARATION ------------------------


When privilege separation is enabled, each session will spawn two processes :
a "privileged" process running as root, but that can only do very basic
and trusted actions (binding a port and removing the ftpwho scoreboard), and
the "client" process. The "client" process definitely revokes all privileges
after authentication and chroot(), and punctually communicates with the
parent over a private channel.

Privilege separation decreases performance of loaded servers, but it
increases theoretical security.

Some old broken operating systems may allow the ptrace() system call
on processes that revoked privileges. On these platforms, enabling
privilege separation is a bad idea if untrusted users also have shell
access. Use the src/ptracetest program to check this. At least
Solaris, MicroBSD, OpenBSD, FreeBSD and Linux are known to be safe.

darktux
Veteran

Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Sun Feb 16, 2003 11:27 pm    Post subject:

Cool 8)
bsolar
Bodhisattva

Joined: 12 Jan 2003
Posts: 2764

PostPosted: Sun Feb 16, 2003 11:32 pm    Post subject:

darktux wrote:
Cool 8)


Yeah, but how? 8O
m.mascherpa
Bodhisattva

Joined: 22 May 2002
Posts: 139
Location: italy

PostPosted: Sun Feb 16, 2003 11:41 pm    Post subject:

oh my...
and i thought i'd read the whole README...
sorry for asking.

besides, i found these words that might be VERY interesting
in my case:

Quote:

On Linux systems, you will notice that the server is always running as root.
This is intentional, and more secure than servers that are changing their
effective uid (and only effective uid, they still have root privileges in
fact, use ps -U to see what servers are really running as root) . We are
using Linux kernel-specific tricks to drop privileges that "ps" can't show.


so it turns out that pureftpd works the same way apache does,
as darktux was pointing out.

thanks guys :)
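The README passage quoted above makes a point that is easy to miss when auditing process owners: `ps -U` reports only the real uid, so a daemon that merely changed its effective uid looks identical to one that really dropped root. The Linux kernel exposes all four uids (real, effective, saved, filesystem) on the `Uid:` line of `/proc/<pid>/status`, and that is where the check belongs. The script below is an added example, not code from this thread or from the pure-ftpd project; the two status snippets are constructed, and the daemon name passed on the command line is whatever you want to inspect (pure-ftpd in this thread's case).

```sh
#!/bin/sh
# Added example: distinguish a daemon that fully dropped root from one that
# only changed its effective uid, using the Uid: line of /proc/<pid>/status.
# That line has four fields: real, effective, saved and filesystem uid.
# If any of them is still 0, the process still holds root in some form.

# Print the four uid fields found in a status text passed as $1.
uid_fields() {
    printf '%s\n' "$1" | awk '/^Uid:/ { print $2, $3, $4, $5; exit }'
}

# Classify a status text: "root" if any uid field is 0, "unprivileged" if
# all four are non-zero, "unknown" if there is no Uid: line at all.
classify_uids() {
    set -- $(uid_fields "$1")
    [ $# -eq 4 ] || { echo "unknown"; return 1; }
    for u in "$@"; do
        [ "$u" = "0" ] && { echo "root"; return 0; }
    done
    echo "unprivileged"
}

# Live check: walk /proc and report every process whose command name
# matches $1, with its four uids and the classification above.
check_daemon() {
    name=$1
    for st in /proc/[0-9]*/status; do
        [ -r "$st" ] || continue
        comm=$(awk '/^Name:/ { print $2; exit }' "$st")
        [ "$comm" = "$name" ] || continue
        pid=${st#/proc/}; pid=${pid%/status}
        text=$(cat "$st")
        printf '%s pid %s uids [%s] -> %s\n' "$name" "$pid" \
            "$(uid_fields "$text")" "$(classify_uids "$text")"
    done
}

# Constructed samples (not captured from a real system).
# Only the effective uid was changed; real and saved uid are still 0.
# This is the case the README says ps -U will not reveal.
SAMPLE_EUID_ONLY="Name: ftpd
Uid: 0 1000 0 1000
Gid: 0 1000 0 1000"

# All four uids changed: privileges were really dropped.
SAMPLE_DROPPED="Name: ftpd
Uid: 1000 1000 1000 1000
Gid: 1000 1000 1000 1000"

if [ -n "${1-}" ]; then
    check_daemon "$1"
fi
```

Run it as `sh check_uids.sh pure-ftpd` (any file name will do) and compare the output with what `ps -U` shows: a line ending in `-> root` for a child that should be serving an authenticated user means the drop was partial, which is exactly what the README's "effective uid only" warning describes.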
bsolar
Bodhisattva

Joined: 12 Jan 2003
Posts: 2764

PostPosted: Sun Feb 16, 2003 11:47 pm    Post subject:

Something I didn't know, so that wasn't useless at all. 8)

Btw. this was introduced in the last version and the developers are doing a major reimplementation oriented to the new feature.

We'll see... :roll:
meetra
Tux's lil' helper

Joined: 18 Nov 2002
Posts: 135
Location: Porto, Portugal

PostPosted: Mon Feb 17, 2003 3:55 am    Post subject:

--with-privsep

enable privilege separation.

add this line to the ebuild you like, or just ./configure --with-privsep (and the other options).
m.mascherpa
Bodhisattva

Joined: 22 May 2002
Posts: 139
Location: italy

PostPosted: Mon Feb 17, 2003 7:17 am    Post subject:

meetra wrote:
--with-privsep

enable privilege separation.

add this line to the ebuild you like, or just ./configure --with-privsep (and the other options).


yep.

--with-everything doesn't include this feature,
we must activate it manually.

maybe it's the case to notify the ebuild maintainer
to include this option, maybe with an ebuild-specific
USE flag or something. :)
darktux
Veteran

Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Mon Feb 17, 2003 9:54 am    Post subject:

mush wrote:
meetra wrote:
--with-privsep

enable privilege separation.

add this line to the ebuild you like, or just ./configure --with-privsep (and the other options).


yep.

--with-everything doesn't include this feature,
we must activate it manually.

maybe it's the case to notify the ebuild maintainer
to include this option, maybe with an ebuild-specific
USE flag or something. :)


Yeah! USE="security-please" emerge pure-ftpd :wink:
All times are GMT