Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: vsftpd fatal flaw - can C help
Top Forums Programming vsftpd fatal flaw - can C help Post 302071338 by jhod22 on Saturday 15th of April 2006 07:04:04 AM
Old 04-15-2006
vsftpd fatal flaw - can C help
I am not a C programmer, so I was hoping someone can help with the following: vsftpd is programmed in C, but it has a fatal flaw whereby uploads can be copied by Samba before the upload is complete (this includes the latest vsftpd daemon) This is because vsftpd does not support file locking, unlike the AIX ftp server for example. Proftpd also has a way around this problem by hiding files with the hidden stor feature, which gives the file a randon hidden file name until the upload is complete. So, would it be possible to insert one of these features or both within vsftpd, by analyzing the source code and making the necessary changes?
I have contacted the developer but no feedback yet
 

7 More Discussions You Might Find Interesting

1. News, Links, Events and Announcements

Flaw leaves Linux computers vulnerable

NEWS: Flaw leaves Linux computers vulnerable http://news.com.com/2100-1001-857265.html A flaw in a software-compression library used in all versions of Linux could leave the lion's share of systems based on the open-source operating system open to attack, said sources in the security... (3 Replies)
Discussion started by: killerserv
3 Replies

2. UNIX for Dummies Questions & Answers

VSFTPD

Hi, I am using VSFTPD. I have instructed it to send all logging informartion to /var/log/messages. I would like it to record the names of users who have failed loggin attempts. I have read up on it but have not found out how to do this. Any ideas? (1 Reply)
Discussion started by: mojoman
1 Replies

3. UNIX for Advanced & Expert Users

Vsftpd serious issues

hello mighty all there's a problem in vsftpd it allows to delete files which have 000 mode and root:root owner also 400 even with option deny_file={those_files} - still allowed i'm doing it through mc through ftp-shell it's not allowed it's not working if mother-dir have -w and not working... (3 Replies)
Discussion started by: tip78
3 Replies

4. UNIX for Dummies Questions & Answers

Vsftpd is not working

Hi, I installed debian jessie and friend asked me to install for him vsftpd, of course, first I try at my vps, but I don't get it to work. there are many tutorials to install ftp server but as i said, it is not working and beside running ftp server, I need for him and some GUI to use it, he is... (2 Replies)
Discussion started by: alanford
2 Replies

5. UNIX for Dummies Questions & Answers

Vsftpd

Hello I am new to linux. I have recently installed vsftpd in my Centos server. I have set the local_umask=0037. But now i can't understand how the window users added in a centos server can see each-other folder. ---------- Post updated at 05:59 AM ---------- Previous update was at 05:55 AM... (7 Replies)
Discussion started by: Maham Zahid
7 Replies

6. UNIX for Advanced & Expert Users

Does vsftpd support user access with client certificate with priv/pub key + vsftpd certificate?

:rolleyes:I am trying to setup all certificate based client-server environment in Linux using vsftpd and curl with openssl. I would like to make a user access with vsftpd certificate and user own client certificate (self-signed) with private/public key. I don't see google posts about the my plan... (4 Replies)
Discussion started by: gogogo
4 Replies

7. What is on Your Mind?

PHP Fatal Errors During SSL Cert Management - PHP Fatal error: xc_fcntl_mutex failed

Today, I noticed some errors in our SSL cert renewal log files, mostly related to domains where the IP address had changed. Concerned about this, rebuilt out SSL cert, which normally goes well without a hiccup. However, for today, for some reason which I cannot explain, there was a PHP error... (0 Replies)
Discussion started by: Neo
0 Replies

LEARN ABOUT DEBIAN

flaw

flaw(7) 						 Miscellaneous Information Manual						   flaw(7)

NAME

       flaw - a Lua OO management framework for awesome WM widgets

DESCRIPTION

       flaw stands for Fully Loaded AWesome.  It is a LUA object oriented library providing a thin abstraction layer above awesome widgets.  It is
       aimed at being simple and resources efficient.

       To achieve these goals, flaw provides the following concepts.

       gadgets
	      To add functionality to awesome widgets, flaw defines gadget objects, which are a wrapper around a widget.  All gadgets have proper-
	      ties,  events,  a  refresh  mechanism and a data provider (see below).  Gadgets can wrap all awesome widget type, namely text boxes,
	      image boxes, graphs or progress bars.  flaw provides many gadgets for common system information (like CPU or memory activity).

       provider
	      flaw tries to minimise system access and data refresh.  Since all information do not have the  same  expiration  rate,  all  gadgets
	      refresh  independently.	And  since some gadgets can share information, all data is provided by providers which can be shared among
	      gadgets.	Providers maintain status data from the system and refreshes only when necessary (ie. when the gadget  with  the  shortest
	      refresh rate demands it).

       events Events  are a way for the user to modify the gadget behaviour or properties when some conditions are met.  An event is composed of a
	      trigger, which computes the condition, and an action.  Event triggers are tested by the providers only when data changes.  Both  the
	      condition and the action are provided by the user.

USAGE

       flaw  depends  on  the lua-filesystem package which can be found http://luaforge.net/projects/luafilesystem.  Once installed, the following
       statement must be inserted in awesome configuration before any flaw gadget or mechanism is used.
	      require('flaw')

       Using flaw consists in creating gadgets, passing them parameters to customize their display and events to add some behaviour to	them,  and
       then  adding  them  in a wibox like any other awesome widget.  flaw and awful gadgets can live together. The complete flaw documentation is
       available in Luadoc format. Enter the following command to generate it.
	      LUA_PATH="path_toflaw/doclet/html/?;;" luadoc -d html --nofiles *.lua

DIAGNOSTICS

       flaw tries to recover upon bad invocations.  When something wrong occurs, it outputs warning or error messages to stderr (for  example,	if
       awesome was started with xsession, output will be found in ~/.xsession-errors ).

BUGS

       Certainly a lot.

AUTHOR

       David Soulayrol <david.soulayrol at gmail dot net>

SEE ALSO

       awesome(1), awesome-client(1), awesomerc(5)

								   FEBRUARY 2009							   flaw(7)
All times are GMT -4. The time now is 01:51 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy