On Tue, Apr 6, 2010 at 12:58 PM, Dirk H. Schulz dirk.schulz@kinzesberg.de wrote:
I have configured my vsftpd with virtual users all of which are mapped to a system user for file system permissions (let's call him 'ftpsystemuser').
What is the vsftpd process running as? It is most likely root as it needs to have permission to open ports 20:21 for access. In most cases a file is going to be opened up as root, written as root, and then chowned to the configured user..
That means, if someone uploads files they are writting using owner and group of the system user:
-rw-r--r-- 1 ftpsystemuser ftpsystemuser 19968 16. Mär 11:24 Termine Leistungspr?fungen.doc
Now we have the phenomenon that some files and folders are written twice, one instance as it should be and the other with owner and group 'root' and with html-like file name syntax. For example:
-rw-r--r-- 1 root root 19968 16. Mär 11:24 Termine Leistungspr%FCfungen.doc -rw-r--r-- 1 ftpsystemuser ftpsystemuser 19968 16. Mär 11:24 Termine Leistungspr?fungen.doc
This looks like a security problem: the process writing these files should not be able to do this as root, should it? And then it is very annoying.
Has anyone seen that? Is that something I can configure off somehow?
Any hint or help is appreciated, any deeper insight very welcome.
Dirk _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos