*BSD News Article 83371


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!howland.erols.net!EU.net!main.Germany.EU.net!Dortmund.Germany.EU.net!interface-business.de!usenet
From: j@ida.interface-business.de (J Wunsch)
Newsgroups: comp.unix.bsd.misc
Subject: Re: Chroot FTP
Date: 21 Nov 1996 13:14:54 GMT
Organization: interface business GmbH, Dresden
Lines: 22
Message-ID: <571kke$lev@innocence.interface-business.de>
References: <56r8ep$6t5@nr1.calgary.istar.net> <56t15l$29o@tuegate.tue.nl>
Reply-To: joerg_wunsch@interface-business.de (Joerg Wunsch)
NNTP-Posting-Host: ida.interface-business.de
X-Newsreader: knews 0.9.6
X-Phone: +49-351-31809-14
X-Fax: +49-351-3361187
X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F  93 21 E0 7D F9 12 D6 4E

robk@stack.urc.tue.nl (Rob Kouwenberg) wrote:

> : have run into a bit of a wall.  The server seems to be chrooting the
> : session properly (ie. can't go higher in the tree than supposed to), but
> : ls does not appear to work.  In my experience this is  usually a sign
> : that a statically linked ls is required, or that libraries are required
> : in a libs dir for the "chroot".

> You are 100% right on the dot.

Just one additional datapoint since it happened to me at a customer,
and took me a while to find it out.  Everything was right, the
chroot'ed /bin/ls was statically linked etc., but still the DIR
command didn't work.  I've more incidentally stumpled across that guy
having change the ~ftp directory to mode 0700 owner root.  Needless to
say, the anon user privileges didn't allow for traversing it, hence
the /bin/ls could never looked up.

-- 
J"org Wunsch					       Unix support engineer
joerg_wunsch@interface-business.de       http://www.interface-business.de/~j