04-15-2006
vsftpd fatal flaw - can C help
I am not a C programmer, so I was hoping someone can help with the following: vsftpd is programmed in C, but it has a fatal flaw whereby uploads can be copied by Samba before the upload is complete (this includes the latest vsftpd daemon) This is because vsftpd does not support file locking, unlike the AIX ftp server for example. Proftpd also has a way around this problem by hiding files with the hidden stor feature, which gives the file a randon hidden file name until the upload is complete. So, would it be possible to insert one of these features or both within vsftpd, by analyzing the source code and making the necessary changes?
I have contacted the developer but no feedback yet
7 More Discussions You Might Find Interesting
1. News, Links, Events and Announcements
NEWS:
Flaw leaves Linux computers vulnerable
http://news.com.com/2100-1001-857265.html
A flaw in a software-compression library used in all versions of Linux could leave the lion's share of systems based on the open-source operating system open to attack, said sources in the security... (3 Replies)
Discussion started by: killerserv
3 Replies
2. UNIX for Dummies Questions & Answers
Hi,
I am using VSFTPD.
I have instructed it to send all logging informartion to /var/log/messages.
I would like it to record the names of users who have failed loggin attempts. I have read up on it but have not found out how to do this. Any ideas? (1 Reply)
Discussion started by: mojoman
1 Replies
3. UNIX for Advanced & Expert Users
hello mighty all
there's a problem in vsftpd
it allows to delete files which have 000 mode and root:root owner
also 400
even with option deny_file={those_files} - still allowed
i'm doing it through mc
through ftp-shell it's not allowed
it's not working if mother-dir have -w
and not working... (3 Replies)
Discussion started by: tip78
3 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I installed debian jessie and friend asked me to install for him vsftpd, of course, first I try at my vps, but I don't get it to work.
there are many tutorials to install ftp server but as i said, it is not working and beside running ftp server, I need for him and some GUI to use it, he is... (2 Replies)
Discussion started by: alanford
2 Replies
5. UNIX for Dummies Questions & Answers
Hello
I am new to linux.
I have recently installed vsftpd in my Centos server. I have set the local_umask=0037.
But now i can't understand how the window users added in a centos server can see each-other folder.
---------- Post updated at 05:59 AM ---------- Previous update was at 05:55 AM... (7 Replies)
Discussion started by: Maham Zahid
7 Replies
6. UNIX for Advanced & Expert Users
:rolleyes:I am trying to setup all certificate based client-server environment in Linux using vsftpd and curl with openssl.
I would like to make a user access with vsftpd certificate and user own client certificate (self-signed) with private/public key.
I don't see google posts about the my plan... (4 Replies)
Discussion started by: gogogo
4 Replies
7. What is on Your Mind?
Today, I noticed some errors in our SSL cert renewal log files, mostly related to domains where the IP address had changed. Concerned about this, rebuilt out SSL cert, which normally goes well without a hiccup.
However, for today, for some reason which I cannot explain, there was a PHP error... (0 Replies)
Discussion started by: Neo
0 Replies