Re: Best practice vsftpd writable root inside chroot()
> > 1. Using no ftp -> no chance
>
> You didn't say but are you using ftp for upload access? Since ftp
> sends passwords in the clear it is unsuitable in these days of a
> hostile Internet for any purpose other than anonymous downloading.
>
I need full access from all clients to their home directory including uploads. I'm aware of the security risks using ftp. But there isn't another option like sftp. ~60 clients with a minimum of knowledge of security risks and technical understanding. It will be a hard and non-profitable way to switch over to sftp or even http.
> > 2. Avoid using chroot is in my opinion a bad idea on a public
> > accessable ftpd.
>
> But you are already using ftp. Talking about security at that point
> is like putting a heavy duty lock on a screen door. No matter how
> good the lock it is still a screen door and won't stop anyone who
> wants to run through it.
>
> > 3. Compiling vsftpd >3.0 from source and using
> > allow_writeable_chroot=YES: This would lead in using non Debian
> > packages and watching them seperatly.
>
> Use a Debian watch file. See the 'uscan' program for details. But
> you can have it automatically notify you when new versions arrive.
>
Sounds interessting. I will have a look...
> > 4. Using packages from Jessie: My preffered choice. But how to
> > control security updates?
>
> Does the Jessie vsftpd allow writable chroots? Sounds like a bug to
> be filed to me.
>
It is a "problem" of vsftpd. They decided to disable ftp with writable $HOME if chroot is enabled [1], [2]. It's a matter of old versions in Debian. Jessie provides the newer version with the new config setting.
Regards
[1]: https://security.appspot.com/vsftpd/Changelog.txt (Version 2.3.5)
[2]: https://security.appspot.com/vsftpd/FAQ.txt (Q3)
Reply to: