Chroot in ftpd on newer kernel versions

Sven-Göran Bergh svengbergh-busybox at yahoo.com
Wed Oct 3 09:56:39 UTC 2012


> 2012-10-03 Harald Becker <ralda at gmx.de>:


Hi Harald,

> So I suggest to add an option to ftpd to change user/group after doing
> chroot if run as root, and to bypass chroot if not running as root.

I think wrapping ftpd in tcpsvd would do that? Something like:

tcpsvd -Eu USER[:GRP] 0.0.0.0 21 ftpd /path/to/ftp/pub

Furthermore, if you are running ftpd on the standard port (21) it needs
to run as root in order to bind to the port. Then drop its privileges
for each incoming connection. tcpsvd will do all that for you.

Brgds
/S-G



More information about the busybox mailing list