Chroot in ftpd on newer kernel versions

Sven-Göran Bergh svengbergh-busybox at yahoo.com
Wed Oct 3 10:04:04 UTC 2012



> 2012-10-03 Sven-Göran Bergh <svengbergh-busybox at yahoo.com>

>>  2012-10-03 Harald Becker <ralda at gmx.de>:
> 
> 
> Hi Harald,
> 
>>  So I suggest to add an option to ftpd to change user/group after doing
>>  chroot if run as root, and to bypass chroot if not running as root.
> 
> I think wrapping ftpd in tcpsvd would do that? Something like:
> 
> tcpsvd -Eu USER[:GRP] 0.0.0.0 21 ftpd /path/to/ftp/pub
> 
> Furthermore, if you are running ftpd on the standard port (21) it needs
> to run as root in order to bind to the port. Then drop its privileges
> for each incoming connection. tcpsvd will do all that for you.
> 
> Brgds
> /S-G

Sorry, 's/for each incoming connection//'.


More information about the busybox mailing list