ftp upload, was Re: vsftpd and ~/public_html
gnu not unix
gnu at wraith.sf.ca.us
Mon Aug 29 18:14:22 UTC 2005
>> [y4kk0 at X ~]$ ls -Zd public_html/
>> drwxrwxrwx y4kk0 users system_u:object_r:httpd_user_content_t
>> public_html/
>> [y4kk0 at X ~]$
>> selinux-policy-targeted-1.25.4-10
>> system: Fedora Core 4
>> Maybe default policy should allow ftp server to enter this directory
>> so users would be able to upload their WWW stuff via ftp?
>Sounds reasonable, I will add it.
Ouch, this seems like opening up an attack vector to me.
Shouldn't ftp *upload* be to a write-only "holding cell"
at least?
../Steven
More information about the fedora-selinux-list
mailing list