FTP Security Disaster
It seems that either the 10.4.9 Sever Upgrade or the recent security update has disastrously altered the behavior of FTP in my configuration.
While FTP users are still sent to their home directories at logon, they're now free to CWD to get above those directories.
Worse, FTP now apparently perceives "/" as being the root level of the boot drive of the server, rather than the FTPRoot configuration in the Server Admin app. This gives FTP users inappropriate access to files that are outside of any sharepoint.
These behaviors persist unchanged even if I unshare everything - i.e., FTP users have all this access even if there are no sharepoints configured. Given the default o=rx configuration of many of the directories at "/" in a conventional X Server instillation, this is a nightmare.
Server Admin's "Advanced" settings for FTP now seem to have no effect whatsoever. Ironically, this means it's impossible to provide FTP users any access whatsoever to sharepoints. It makes no different what I setup - the behaviors described above persist. I can even specify user home directories outside of any sharepoint and FTP will provide access to them. Failure to specify a home directory dumps the user at the root level of the server's boot drive, not the FTPRoot. My only control over any of it is to turn FTP off entirely, which of course I have, much to the distress of my users.
I note that the normal creation of symbolic links in "/Library/FTPServer/FTPRoot" has been somehow suspended. Nothing ever happens, regardless of how I change settings.
I don't use anonymous FTP, and so have no idea how that would impact this mess.
As I'm sure is obvious, I'm now way beyond my expertise. Questions, suggestions... anything at all would be welcome.
Thanks,
Bryan
While FTP users are still sent to their home directories at logon, they're now free to CWD to get above those directories.
Worse, FTP now apparently perceives "/" as being the root level of the boot drive of the server, rather than the FTPRoot configuration in the Server Admin app. This gives FTP users inappropriate access to files that are outside of any sharepoint.
These behaviors persist unchanged even if I unshare everything - i.e., FTP users have all this access even if there are no sharepoints configured. Given the default o=rx configuration of many of the directories at "/" in a conventional X Server instillation, this is a nightmare.
Server Admin's "Advanced" settings for FTP now seem to have no effect whatsoever. Ironically, this means it's impossible to provide FTP users any access whatsoever to sharepoints. It makes no different what I setup - the behaviors described above persist. I can even specify user home directories outside of any sharepoint and FTP will provide access to them. Failure to specify a home directory dumps the user at the root level of the server's boot drive, not the FTPRoot. My only control over any of it is to turn FTP off entirely, which of course I have, much to the distress of my users.
I note that the normal creation of symbolic links in "/Library/FTPServer/FTPRoot" has been somehow suspended. Nothing ever happens, regardless of how I change settings.
I don't use anonymous FTP, and so have no idea how that would impact this mess.
As I'm sure is obvious, I'm now way beyond my expertise. Questions, suggestions... anything at all would be welcome.
Thanks,
Bryan
G5 DP 2.5 ghz, etc., Mac OS X (10.4.9), OS X Server 10.4.9
