This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

FTP ro/wo/full access
#1
FTP ro/wo/full access
HI,

Testing ftp user modes ( ro, wo, full access ) on Sentora ( Centos7 ) created within my resellers "admin" account.
Proftpd is accepting connections with process started as nobody user, when connection is established seems that he fork with apache user, that seems little strange i guess -->

nobody 8545 0.0 0.4 197000 2264 ? Ss 00:05 0:00 proftpd: (accepting connections)
apache 8558 0.0 0.9 275404 4736 ? S 00:06 0:00 proftpd: novi2 - X.X.X.X IDLE

Then we come to this part, dirs are acctualy created with 777 permissions -->

drwxrwxrwx 2 apache apache 4096 Mar 6 00:07 novi2

Then ro, wo, and full access set through panel are acctualy full access.

I check database and there is a set uid i gid for apache -->

| 4 | novi2 | xxxxxxxxxx | 48 | 48 | /var/sentora/hostdata/admin/novi2

Well this could be the way proftpd handle user permmissions, changing effective uid of forked process into one set in the database. Still 777 permisions on created dirs overrun this.

Can someone comment this observation, i do not exclude the possibility that something is not configured well on my side ?

Regards,
Stefan
Thanks given by:
#2
RE: FTP ro/wo/full access
Hi,

1. all user accounts are created under apache and so apache need that permission to run the files, this why mainly proftp will run such permissions.

2. Permission & UID currently don't matter as we jail users in php with openbase_dir mainly.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Thanks given by:
#3
RE: FTP ro/wo/full access
Dear M B,

if you create new FTP Account let say "testaccount" and set Access type to read-only, you will still get full-access i can use put get and del command as well through ftp client.

What i really need to know what does "Access type" in "Create a new FTP Account" means ?

Regards,
Stefan
Thanks given by:
#4
RE: FTP ro/wo/full access
Sorry i overlooked this in docs.

- Select access type : Full access (!WARNING! for Linux versions, until it will be handled, full access is used regardless of choice made here)

Regards,
Stefan
Thanks given by:
#5
RE: FTP ro/wo/full access
ok fine
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
How to setup ftp to access only certain folders? nomis56 4 16 ,019 10-03-2017, 07:22 PM
Last Post: FayeArmistead
ROOT FTP ACCESS Ubuntu 14.03 Server OpenApp 3 15 ,204 06-12-2016, 06:37 AM
Last Post: Ludaking
how to access root ftp? wormsunited 16 49 ,326 04-01-2015, 03:05 AM
Last Post: wormsunited

Forum Jump:


Users browsing this thread: 1 Guest(s)