Date: Wed, 20 May 2009 16:57:39 -0400 From: alexus <alexus@gmail.com> To: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net> Cc: freebsd-questions@freebsd.org Subject: Re: proftpd TLS Message-ID: <6ae50c2d0905201357o62d78858ydbc5d8012e880ebf@mail.gmail.com> In-Reply-To: <200905201647.23788.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> References: <6ae50c2d0905171301y2d92a7b1mc3598295de12ecc2@mail.gmail.com> <200905201346.33032.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> <6ae50c2d0905200713t7d9c785fs4f6c5ec6db4166de@mail.gmail.com> <200905201647.23788.mel.flynn%2Bfbsd.questions@mailing.thruhere.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 20, 2009 at 10:47 AM, Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net> wrote: > On Wednesday 20 May 2009 16:13:15 alexus wrote: >> On Wed, May 20, 2009 at 7:46 AM, Mel Flynn >> >> <mel.flynn+fbsd.questions@mailing.thruhere.net> wrote: >> > On Tuesday 19 May 2009 21:18:48 alexus wrote: >> >> On Tue, May 19, 2009 at 2:26 PM, Mehul Ved <mehul.n.ved@gmail.com> wr= ote: >> >> > On Tue, May 19, 2009 at 11:14 PM, alexus <alexus@gmail.com> wrote: >> >> >> i start it as a root, but it switchs to non-root >> >> >> >> >> >> nobody 52346 =C2=A00.0 =C2=A00.1 11820 =C2=A04208 =C2=A0?? =C2=A0S= sJ =C2=A0Sun06PM =C2=A0 0:00.66 >> >> >> proftpd: (accepting connections) (proftpd) >> >> > >> >> > Check the value for 'user' in proftpd.conf. It will be nobody. Chan= ge >> >> > it to root. >> >> > >> >> > -- >> >> > >> >> > Dyslexics have more fnu. =C2=A0- >> >> > http://kingsly.net/tmp/fortune.php/1242364116 >> >> >> >> wouldn't it sort of make it more risky in terms of security to run >> >> ftpd as root vs nobody? >> >> in general daemon do not run as root and thats for a reason.. >> > >> > Yes, don't do it. Is proftpd started as root? Then this shouldn't occu= r, >> > although a forum post[1] suggests that mod_cap can fiddle with this. >> > >> > [1] http://forums.proftpd.org/smf/index.php?topic=3D1315.0 >> > -- >> > Mel >> >> if i set User in proftpd.conf to root, then it runs as a root > > I said *start* as root. Theoretically, the pass phrase part for your > certificate comes before dropping privileges. But maybe there's a bug in = the > code. Is proftpd running jailed or not? > > -- > Mel > yes, proftpd runs inside of jail --=20 http://alexus.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6ae50c2d0905201357o62d78858ydbc5d8012e880ebf>