FTP users can delete files in their home directory they don't possess (including files belonging to root:root!) with vsftpd. I have reproduced that with vsftpd 1.1 on Suse and 2.0 on CentOS. I don't think this should happen at all. I can't see that the documentation at http://vsftpd.beasts.org/vsftpd_conf.html mentions this problem at all. How can I stop this?
Kai
Kai Schaetzl wrote:
FTP users can delete files in their home directory they don't possess (including files belonging to root:root!) with vsftpd. I have reproduced that with vsftpd 1.1 on Suse and 2.0 on CentOS. I don't think this should happen at all. I can't see that the documentation at http://vsftpd.beasts.org/vsftpd_conf.html mentions this problem at all. How can I stop this?
This sounds like a Unix feature, not a bug. If the user has write rights to the directory, he can delete anything in the directory no matter who owns the file.
# cd /home/myuser # touch test # chmod 400 test # su - myuser $ ll test -r-------- 1 root root 0 May 16 16:58 test $ rm test rm: remove write-protected regular empty file `test'? y $ ll test ls: test: No such file or directory
-Andy
Andy Green wrote on Tue, 16 May 2006 16:59:18 +0100:
This sounds like a Unix feature, not a bug. If the user has write rights to the directory, he can delete anything in the directory no matter who owns the file.
Oh, well, now that you say it I remember that remotely from "Unix school". I'd completely phased that out.
Is there a way to achieve different behavior without using acl extensions? My objective is that I want users *not* to be able to delete certain files/directories in their home directories. It seems I can achieve this partly by putting files in a directory they don't own. They then cannot delete the files in the directory and therefore cannot delete the directory. As soon as the directory is empty they can delete it.
Kai
Hi,
you might want to look into "chattr" i know you can set a few options to make sure they can't modify or remove a file.
check the manpage for chattr :)
later charles
On Tuesday 16 May 2006 12:57, Kai Schaetzl wrote:
Andy Green wrote on Tue, 16 May 2006 16:59:18 +0100:
This sounds like a Unix feature, not a bug. If the user has write rights to the directory, he can delete anything in the directory no matter who owns the file.
Oh, well, now that you say it I remember that remotely from "Unix school". I'd completely phased that out.
Is there a way to achieve different behavior without using acl extensions? My objective is that I want users *not* to be able to delete certain files/directories in their home directories. It seems I can achieve this partly by putting files in a directory they don't own. They then cannot delete the files in the directory and therefore cannot delete the directory. As soon as the directory is empty they can delete it.
Kai
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Charles Lacroix wrote on Tue, 16 May 2006 13:11:12 -0400:
you might want to look into "chattr" i know you can set a few options to make sure they can't modify or remove a file.
Thanks for mentioning it. chattr was what I was referring to with "acl extensions". I know it's powerful. I experimented with it a few years ago and found it interesting, but also hard to maintain. If possible I prefer to do it another way. Sticky bit seems just the right thing.
Kai
On Tue, 2006-05-16 at 18:57 +0200, Kai Schaetzl wrote:
Andy Green wrote on Tue, 16 May 2006 16:59:18 +0100:
This sounds like a Unix feature, not a bug. If the user has write rights to the directory, he can delete anything in the directory no matter who owns the file.
Oh, well, now that you say it I remember that remotely from "Unix school". I'd completely phased that out.
Is there a way to achieve different behavior without using acl extensions? My objective is that I want users *not* to be able to delete certain files/directories in their home directories. It seems I can achieve this partly by putting files in a directory they don't own. They then cannot delete the files in the directory and therefore cannot delete the directory. As soon as the directory is empty they can delete it.
Have you reviewed the chmod command? There is a bit that can be set that says that files can only be deleted by those who own them. Shows up with a "t" in certain positions. Just like with /tmp.
Kai
<snip sig stuff>
HTH
William L. Maltby wrote on Tue, 16 May 2006 13:15:24 -0400:
Have you reviewed the chmod command? There is a bit that can be set that says that files can only be deleted by those who own them. Shows up with a "t" in certain positions. Just like with /tmp.
Ah, yeah, the sticky bit. I grabbed my Using Unix, Second edition and read the chapter about that again. Thanks a lot. I didn't have the need to use that for a long time and had completely forgotten about it.
Kai
-
Andy Green -
Charles Lacroix -
Kai Schaetzl -
William L. Maltby