
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
FTP Security
|
367
do not: the latter three use their own internal versions of ls rather than the system’s,
and function without their own versions of /etc/passwd, etc.
The chroot directory itself and every directory within it should be owned by root,not
by your anonymous FTP account (e.g., ftp) or the daemon’s “run-as” account (e.g.,
nobody). A common configuration error on anonymous-FTP servers is for the FTP
root to be owned by the FTP account, which constitutes a major exposure, since an
anonymous FTP user could write a .rhosts or .forward file to it that extends the
user’s access to the system.
Proper FTP root (chroot jail) ownerships and permissions are illustrated in
Example 11-1, which shows a recursive listing of a sample FTP chroot jail in /var/ftp/.
The directory /var/ftp itself is set up like this:
drwxr-xr-x 2 root root 4096 Apr 16 00:06 ftp
If your FTP server is to be maintained by a non-root user, or if you wish to add files
to the pub/ directory without being root, it’s okay to make the pub/ group writable
and owned by a group to which your non-root account belongs. Since the group
wheel is used on many systems to define which user accounts may perform su root,
and it’s a group to which you or your subadministrators probably already belong, it’s
a logical choice for this ...