[2774] in RedHat Linux List
Re: anon FTP howto setup sym links
daemon@ATHENA.MIT.EDU (Daniel Lark)
Tue Nov 5 12:31:28 1996
From: Daniel Lark <dan@netsteps.com>
To: redhat-list@redhat.com
Date: Tue, 5 Nov 1996 10:22:40 -0700 (MST)
In-Reply-To: <199611051603.RAA08649@gaia.swip.net> from "tony@mbox317.swipnet.se" at Nov 5, 96 05:02:27 pm
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
>
> I've got some trouble with anon FTP. I've setup an apache server and
> linked a couple of directories (cdrom, some vfat mounted dir's) and
> it works fine, probably coz there's a config option "FollowSymLinks".
> Now I've setup the anan FTP stuff but the sym links won't work so for
> now I have to actually copy the stuff into pub, there must be a way
> to make this with links. Anyone that knows about this?
>
Anonymous ftp does a 'chroot' function call when started. This function does
what is implied in the name; it changes the _apparent_ root directory for
the process. It is governed by the user entry for ftp in /etc/passwd.
Now what does this have do with the symlink deal? Plenty! Since the wu.ftpd
process now does see anything above its home directory (usually /home/ftp in
Linux) it cannot resolve symlinks that are "above" this. For symlinks to
work, the CD-ROM _has_ to be mounted some where under /home/ftp. There is no
exception. (Also of note is that certain things like libraries, binaries,
etc. are in fact duplicated in dirs like /home/ftp/lib, /home/ftp/bin, etc.)
The reason that anon-ftp does the chroot is for security. Think of it like
this: If files above /home/ftp are visible (accessable), then they can be
obtained, or worse yet deleted and/or modified. To quote some anonymous
source, "It's not a bug, it's a feature!"
-dan
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-Errata
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
