Hi, I just came accross this new security feature of vsftpd whith which you cannot have your $HOME writable for a chrooted user.
Since this ftp server is a public accessable server with ~60 users and partial nested homedirs, there is no chance that there is no writable homedirectory. Another big point is, the directory structure increased over years. So there is even no possibility to change it and give users an writable directory inside their $HOME. So what is the best practice to avoid security problems? 1. Using no ftp -> no chance 2. Avoid using chroot is in my opinion a bad idea on a public accessable ftpd. 3. Compiling vsftpd >3.0 from source and using allow_writeable_chroot=YES: This would lead in using non Debian packages and watching them seperatly. 4. Using packages from Jessie: My preffered choice. But how to control security updates? Any suggestions from your side? Regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130808083032.gd7...@stubbi.org
