Bug 198938 - ftp/proftpd bug, chroot does not allow for access to or creation of folders named 'lib'
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: amd64 Any
Importance: --- Affects Many People
Assignee: Martin Matuska
Reported: 2015-03-26 22:53 UTC by Paul Macdonald
Modified: 2019-03-25 21:06 UTC
Description Paul Macdonald 2015-03-26 22:53:43 UTC
FreeBSD

Proftpd with chroot on (default root ~) does not allow for the creation of, or uploading to, folders named 'lib'.

Upstream

To test whether this is an upstream problem with proftpd, I installed proftpd-basic_1.3.4a-5+deb7u2_armhf.deb onto a Raspberry Pi, but I can create and upload to 'lib' folders there.

Additional

As many WordPress plugins use such folders, this is quite problematic.
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2015-03-27 02:58:42 UTC
Fix Summary and assign.
Comment 2 Kurt Jaeger freebsd_committer freebsd_triage 2015-03-30 13:51:15 UTC
There is a special case in src/fsio.c, mentioning

https://auscert.org.au/15286
https://auscert.org.au/15526

which basically says: We do not allow uploads to /etc and /lib if chrooted.

Those are old CERT alerts, so someone needs to check if proftpd on FreeBSD is
still vulnerable to that attack vector.
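
The guard described in comment 2, modelled as an added example (this is not proftpd's src/fsio.c and not part of any comment). The names `normalize` and `chroot_write_allowed` are hypothetical, and resolving the path before matching is an assumption of this model; it refuses `/lib` and anything beneath it while leaving `/lib2` and `/parent/lib` writable.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: resolve path against cwd and collapse ".", ".." and
 * repeated slashes. Returns 0 on success, -1 if the result does not fit. */
static int normalize(const char *cwd, const char *path, char *out, size_t outsz) {
    char buf[1024];
    int n = snprintf(buf, sizeof buf, "%s/%s", path[0] == '/' ? "" : cwd, path);
    if (n < 0 || (size_t)n >= sizeof buf || outsz < 2) return -1;
    size_t len = 0;
    out[0] = '\0';
    for (char *seg = strtok(buf, "/"); seg; seg = strtok(NULL, "/")) {
        if (strcmp(seg, ".") == 0) continue;
        if (strcmp(seg, "..") == 0) {           /* drop the last component */
            while (len > 0 && out[--len] != '/') { }
            out[len] = '\0';
            continue;
        }
        size_t seglen = strlen(seg);
        if (len + seglen + 2 > outsz) return -1;
        out[len++] = '/';
        memcpy(out + len, seg, seglen + 1);
        len += seglen;
    }
    if (len == 0) strcpy(out, "/");
    return 0;
}

/* Returns 1 if a write to path is allowed inside the chroot, 0 if refused. */
static int chroot_write_allowed(const char *cwd, const char *path) {
    static const char *guarded[] = { "/etc", "/lib" };   /* from comment 2 */
    char full[1024];
    if (normalize(cwd, path, full, sizeof full) != 0) return 0; /* fail closed */
    for (size_t i = 0; i < sizeof guarded / sizeof guarded[0]; i++) {
        size_t g = strlen(guarded[i]);
        /* match only on a component boundary: "/lib" and "/lib/x", not "/lib2" */
        if (strncmp(full, guarded[i], g) == 0 && (full[g] == '\0' || full[g] == '/'))
            return 0;
    }
    return 1;
}

int main(void) {
    /* Constructed sample paths, cwd is the chroot root "/" */
    const char *paths[] = { "lib", "/lib", "lib2", "/parent/lib", "/parent/../lib/x" };
    for (size_t i = 0; i < sizeof paths / sizeof paths[0]; i++)
        printf("%-18s %s\n", paths[i], chroot_write_allowed("/", paths[i]) ? "allowed" : "550 denied");
    return 0;
}
```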
Comment 3 Paul Macdonald 2015-04-17 10:11:41 UTC
Not a fix, but as a workaround you can give users a login to a folder above, which makes it /parent/lib instead of /lib.
Comment 4 Miroslav Lachman 2015-05-20 16:28:40 UTC
It is sad, because we have hundreds of domains (FTP users) on our servers using ProFTPd, so we cannot change the directory layout, and some of our clients have been using ~/lib/ for libraries of PHP web applications for many years - and now they are inaccessible.
Comment 5 Walter Schwarzenfeld 2018-01-12 21:54:25 UTC
Is this still relevant?
Comment 6 Miroslav Lachman 2018-01-12 22:58:29 UTC
(In reply to w.schwarzenfeld from comment #5)
Yes, it is still relevant for proftpd-1.3.6

"lib" cannot be created (or accessed):

Status:	Creating directory '/lib'...
Command:	MKD lib
Response:	550 lib: Permission denied
Command:	MKD /lib
Response:	550 /lib: Permission denied


"lib2" was successfully created:

Status:	Creating directory '/lib2'...
Status:	Retrieving directory listing of "/lib2"...
Status:	Directory listing of "/lib2" successful
Comment 7 Martin Matuska freebsd_committer freebsd_triage 2019-03-19 00:11:33 UTC
Did you consider using ftp/proftpd-mod_vroot?
http://www.castaglia.org/proftpd/modules/mod_vroot.html
Comment 8 Miroslav Lachman 2019-03-25 21:06:08 UTC
(In reply to Martin Matuska from comment #7)
No. And from the manpage I don't know how it should be configured to keep the current directory layout but allow us to use the "lib" directory, as was possible back in the day.
ProFTPd is causing me more and more headaches (segfaulting regularly after midnight log rotation), so I am more and more inclined to switch to another FTP daemon with similar functionality.