Proftpd bug, chroot does not allow for access to or creation of folders named 'lib'

Miroslav Lachman 000.fbsd at quip.cz
Mon Mar 30 13:31:11 UTC 2015 

Paul Macdonald wrote on 03/26/2015 20:40:
>
>
> AFFECTS
>      10.1
>
>      BUG:
>
>      Proftpd with chroot on does not allow for the creation of or
> uploading to folders named 'lib'
>
>     I have installed proftpd-basic_1.3.4a-5+deb7u2_armhf.deb onto a
> raspberry pi to test if problem is upstream and can create and upload to
> 'lib' folders there.
>
>      As many wordpress plugins use such folders, this is quite problematic.
>
>      I'd appreciate it if anyone else can test this ( i've tried on
> several servers)

I can confirm this problem on FreeBSD 8.4-RELEASE i386 with proftpd-1.3.5_2

Is some patch available to fix this? (I cannot disable DefaultChroot)

Miroslav Lachman

--
[L] 257 "/" is the current directory
[L] PASV
[L] 227 Entering Passive Mode (192,168,105,10,218,51).
[L] Opening data connection IP: 192.168.105.10 PORT: 55859
[L] LIST -al
[L] 150 Opening ASCII mode data connection for file list
[L] TLSv1 (DHE-RSA-AES256-SHA 256 Bits)
[L] 226 Transfer complete
[L] List Complete: 607 bytes in 5,00s (0,00KB/s)
[L] PASV
[L] 227 Entering Passive Mode (192,168,105,10,218,51).
[L] Opening data connection IP: 192.168.105.10 PORT: 55859
[L] STOR readme.txt
[L] 150 Opening ASCII mode data connection for readme.txt
[L] TLSv1 (DHE-RSA-AES256-SHA 256 Bits)
[L] 226 Transfer complete
[i] readme.txt 50 575bytes/5,36(s)/0,00Kbps
[i] Transfer queue complete
[i] Transfered 1 file(s) - Total: 50 575 byte(s) in 5,36 (0,00 KBps)
[L] PASV
[L] 227 Entering Passive Mode (192,168,105,10,215,174).
[L] Opening data connection IP: 192.168.105.10 PORT: 55214
[L] LIST -al
[L] 150 Opening ASCII mode data connection for file list
[L] TLSv1 (DHE-RSA-AES256-SHA 256 Bits)
[L] 226 Transfer complete
[L] List Complete: 681 bytes in 5,00s (0,00KB/s)
[L] CWD lib
[L] 250 CWD command successful
[L] PWD
[L] 257 "/lib" is the current directory
[L] PASV
[L] 227 Entering Passive Mode (192,168,105,10,215,158).
[L] Opening data connection IP: 192.168.105.10 PORT: 55198
[L] LIST -al
[L] 150 Opening ASCII mode data connection for file list
[L] TLSv1 (DHE-RSA-AES256-SHA 256 Bits)
[L] 226 Transfer complete
[L] List Complete: 499 bytes in 5,00s (0,00KB/s)
[L] PASV
[L] 227 Entering Passive Mode (192,168,105,10,216,54).
[L] Opening data connection IP: 192.168.105.10 PORT: 55350
[L] STOR readme.txt
[L] 550 readme.txt: Permission denied
[L] Transfer Failed

More information about the freebsd-questions mailing list