Bug#119450: general: proftpd
Package: general
Version: 20011113
Severity: grave
proftpd fails to chroot into anonymous server root, as defined by the
<Anonymous /chroot/path> tag, specifically as defined in this config
block:
<Anonymous /home/ftp>
User ftp
Group ftp
UserAlias anonymous ftp
Umask 022
AllowOverwrite on
AnonRequirePassword on
RequireValidShell off
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message
... enables anonymous users to view and get files from /, including
such notables as /etc/passwd
ii proftpd 1.2.4-1
ii proftpd-common 1.2.4-1
ii shellutils 2.0.11-11
ii libpam-modules 0.72-33
ii libpam0g 0.72-33
ii libpam-runtime 0.72-33
-- System Information
Debian Release: testing/unstable
Kernel Version: Linux maul 2.4.9 #2 SMP Sun Sep 9 01:08:16 EDT 2001 i686 unknown
Reply to: