[CentOS] vsftpd writing files 2 times - once as root

Dirk H. Schulz dirk.schulz at kinzesberg.de
Tue Apr 6 18:58:49 UTC 2010


I have configured my vsftpd with virtual users all of which are mapped 
to a system user for file system permissions (let's call him 
'ftpsystemuser').

That means, if someone uploads files they are writting using owner and 
group of the system user:
> -rw-r--r-- 1 ftpsystemuser ftpsystemuser 19968 16. Mär 11:24 Termine 
> Leistungspr?fungen.doc
Now we have the phenomenon that some files and folders are written 
twice, one instance as it should be and the other with owner and group 
'root' and with html-like file name syntax. For example:
> -rw-r--r-- 1 root          root          19968 16. Mär 11:24 Termine 
> Leistungspr%FCfungen.doc
> -rw-r--r-- 1 ftpsystemuser ftpsystemuser 19968 16. Mär 11:24 Termine 
> Leistungspr?fungen.doc
This looks like a  security problem: the process writing these files 
should not be able to do this as root, should it?
And then it is very annoying.

Has anyone seen that? Is that something I can configure off somehow?

Any hint or help is appreciated, any deeper insight very welcome.

Dirk



More information about the CentOS mailing list