home | list info | list archive | date index | thread index

Re: [OCLUG-Tech] ProFTP and IE7

Hi all,

Thanks for the suggestions. I've just finished installing vsftp and so far it's working like a charm. I did think the behaviour of proftpd was a bit fishy. I had only played with it briefly in my previous incarnation as a sys admin but I must say vsftp is much quicker and the users are chrooted.

Now to play a bit with the other options.

Oh how I missed linux. :-)

Collin

Bill Strosberg wrote:
Pedro I. Sanchez wrote:
Collin McCrank wrote:
Hello all,

I've been out of the linux loop for a couple of years now and am once
again in a sys admin position.  Something strange has come up and I was
wondering if I have your imput/suggestions on it.

There is a server in the office running Mandrake 10.2 and ProFTPD
1.2.10-9. (I didn't set these up, they are legacy from my successor)

Everything about it is fine except for one issue. When someone uses IE7
to browse the ftp site they aren't chroot-ed like they are in IE6 and
Mozilla or any other ftp program.  What happens is they log on with a
user/pass and should be taken to /home/some_user (there is no anon on
this ftp), and unable to move up a directory.

What is happening in IE7 is a user logs on with his/her credentials and
it drops them right to /home and they then have access to all the other
users folders instead of being trapped in their own home folder.

I've tried searching on Google but with no luck.

Thanks
Collin

p.s.  Other than ProFTPD do you suggest any other ftp servers?


I don't know about your problem but I would recommend that you take a
look at vsftpd (http://vsftpd.beasts.org/) which I've been using for
years without any troubles whatsoever. vsftpd powers sites such us
ftp.openbsd.org, ftp.redhat.com, ftp.debian.org, ftp.gnu.org and
ftp.gnome.org. An impressive list I should say.

Second the vote for vsftpd. I've used it for years on every site where FTP is unavoidable.

Although, I've now got almost everyone switched to SSH/SFTP with only a couple exceptions.

Your directory access issue seems to be a configuration problem. IE doesn't have magical abilities to bypass a chrooted environment - I would expect that it may be ignoring a "suggested" working directory and defaulting to the user home. Chroot environments do not vary by client, and software that allowed bypassing a chroot jail just because the client was different would be incredibly lame. I would take a hard look at your ftp daemon configuration - and I would bet you are either not really running in a chroot jail, or the new chroot'ed root directory is really the user home. Something is very fishy about your reported behavior.

--
Bill Strosberg
_______________________________________________
Linux mailing list
Linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca
http://www.oclug.on.ca/mailman/listinfo/linux

--
Collin McCrank
Systems Administrator
W. R. Davis Engineering
Phone: (613)748-5500
Fax: (613)748-3972
Email: cmccrank [ at ] davis-eng [ dot ] com


references