VSFTPD issue?

ponder

ponder

Honorary Master
Joined
Jan 22, 2005
Messages
92,823
Code: 
[[I]username[/I]@asterix ~]$ /etc/rc.d/vsftpd start
:: Starting vsftpd FTP Daemon                                                                    [BUSY]                 /bin/touch: cannot touch `/var/run/daemons/vsftpd': [COLOR="red"]Permission denied[/COLOR]             [DONE]
                                                                                                                    
[[I]username[/I]@asterix ~]$

Code: 
[[I]username[/I]@asterix ~]$ ls -l /var/run/daemons | grep vsftpd
-rw-r--r-- 1 [COLOR="red"]root root[/COLOR] 0 Apr 20 09:20 vsftpd
[[I]username[/I]@asterix ~]$

How do I fix this? Surely you should not run the vsftpd daemon with root access?
 
A

adrianx

Expert Member
Joined
Jun 30, 2008
Messages
3,761
As far as I can tell, it is normal for the vsftpd daemon to be started as root:

Presenting vsftpd's secure design
=================================

vsftpd employs a secure design. The UNIX facilities outlined above are used
to good effect. The design decisions taken are as follows:

1) All parsing and acting on potentially malicious remote network data is
done in a process running as an unprivileged user. Furthermore, this process
runs in a chroot() jail, ensuring only the ftp files area is accessible.

2) Any privileged operations are handled in a privileged parent process. The
code for this privileged parent process is as small as possible for safety.

3) This same privileged parent process receives requests from the unprivileged
child over a socket. All requests are distrusted. Here are example requests:
- Login request. The child sends username and password. Only if the details
are correct does the privileged parent launch a new child with the appropriate
user credentials.
- chown() request. The child may request a recently uploaded file gets
chown'ed() to root for security purposes. The parent is careful to only allow
chown() to root, and only from files owned by the ftp user.
- Get privileged socket request. The ftp protocol says we are supposed to
emit data connections from port 20. This requires privilege. The privileged
parent process creates the privileged socket and passes it to child over
the socket.

4) This same privileged parent process makes use of capabilities and chroot(),
to run with the least privilege required. After login, depending on what
options have been selected, the privileged parent dynamically calculates what
privileges it requires. In some cases, this amounts to no privilege, and the
privileged parent just exits, leaving no part of vsftpd running with
privilege.

5) vsftpd-2.0.0 introduces SSL / TLS support using OpenSSL. ALL OpenSSL
protocol parsing is performed in a chroot() jail, running under an unprivileged
user. This means both pre-authenticated and post-authenticated OpenSSL protocol
parsing; it's actually quite hard to do, but vsftpd manages it in the name of
being secure. I'm unaware of any other FTP server which supports both SSL / TLS
and privilege separatation, and gets this right.
Click to expand...
http://vsftpd.beasts.org/DESIGN

Remember, Apache (httpd) is also started as root, but it then launches several child processes which listen for and answer requests from clients.
 
ponder

ponder

Honorary Master
Joined
Jan 22, 2005
Messages
92,823
Thanks, after a bit of googling I came to the same conclusion. My memory must be failing me as I have been using it for a long time.
 
You must log in or register to reply here.
Top