S/FTP/S security and root group?

D

Dmitry2015-12-01 08:30:07

linux

Dmitry, 2015-12-01 08:30:07

Greetings,
The task was to make an s / ftp / s server so that the user has access to one place with the same rights for all three protocols.
Given: ubuntu14, sshd+proftpd
user -G ftpaccess -shell /bin/false
part of sshd:

PermitRootLogin no
Match group ftpaccess
ChrootDirectory %h

proftpd:

DefaultRoot                     ~
User                            proftpd
Group                           nogroup
Include /etc/proftpd/tls.conf
# Include mod_exec.c

home rights:

[email protected]:/home/testuser# ls -l /home/
drwxr-x--- 5 root   ftpaccess 4096 Nov 11 14:48 testuser

[email protected]:/home/testuser# ls -l /home/testuser/
drwxr-xr-x 2 testuser ftpaccess 4096 Oct 23 13:02 IN
drwxr-xr-x 2 testuser ftpaccess 4096 Oct 20 15:47 OUT
drwxr-xr-x 2 testuser ftpaccess 4096 Oct 20 15:38 TMP

A user with a primary group ftpaccess cannot log in via ftp/s 530 Login incorrect.
By adding an additional root to the group, everything works as it should.
How critical is this for security?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

A

Akmal Kadirov, 2014-02-27
@kadirov

Updated php5.4.4 to 5.4.25 and everything worked.

V

Vit, 2014-02-27
@fornit1917

www.linux.org.ru/forum/admin/8054334 this problem was discussed here, read it, maybe something will help

K

kenny_opennix, 2014-02-27
@kenny_opennix

What is the core?
Have you played with timeouts?

L

Lebnik, 2015-04-21
@Lebnik

apt-get install --reinstall php5-fpm