Facebook
Twitter
nilsringersma_nl
Basic Pleskian
TITLE:
ProFTPd RLimitChroot triggered on relative path when using FTP account with edited root-path
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Plesk Onyx, 17.8.11 Update #63, CentOS7
PROBLEM DESCRIPTION:
ProFTP protects creation/mutation of files inside 'lib' and 'etc' directories as described here: FTP user is not able to access, upload or create lib or etc directories: Permission Denied.
However when creating additional FTP users in a Plesk subscription _with a specific root folder_ that user can't create files in 'lib' directories _inside_ the subscription.
STEPS TO REPRODUCE:
1. Create subscription;
2. Create folder 'httpdocs/folder1/lib'
3. Create additional FTP user with root-path 'httpdocs/folder1'
4. Login with the new FTP user via FTP client and try to create files in the folder 'lib'
ACTUAL RESULT:
Command: PASV
Response: 227 Entering Passive Mode (185,57,8,148,235,26).
Command: STOR test.php
Response: 550 test.php: Permission denied
Error: Critical file transfer error
EXPECTED RESULT:
Status: File transfer successful, transferred 0 bytes in 1 second
ANY ADDITIONAL INFORMATION:
When not giving a specific root-folder to the new FTP user the problem does not occur. Also when disabling RLimitChroot in ProFTP conf the problem does not occur.
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
I can understand that you prevent users from changing anything in /etc or /lib. But this should be the absolute and not the relative path. Please use the absolute path so that FTP users with a specific root path can write to those folders within their own root.
ProFTPd RLimitChroot triggered on relative path when using FTP account with edited root-path
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Plesk Onyx, 17.8.11 Update #63, CentOS7
PROBLEM DESCRIPTION:
ProFTP protects creation/mutation of files inside 'lib' and 'etc' directories as described here: FTP user is not able to access, upload or create lib or etc directories: Permission Denied.
However when creating additional FTP users in a Plesk subscription _with a specific root folder_ that user can't create files in 'lib' directories _inside_ the subscription.
STEPS TO REPRODUCE:
1. Create subscription;
2. Create folder 'httpdocs/folder1/lib'
3. Create additional FTP user with root-path 'httpdocs/folder1'
4. Login with the new FTP user via FTP client and try to create files in the folder 'lib'
ACTUAL RESULT:
Command: PASV
Response: 227 Entering Passive Mode (185,57,8,148,235,26).
Command: STOR test.php
Response: 550 test.php: Permission denied
Error: Critical file transfer error
EXPECTED RESULT:
Status: File transfer successful, transferred 0 bytes in 1 second
ANY ADDITIONAL INFORMATION:
When not giving a specific root-folder to the new FTP user the problem does not occur. Also when disabling RLimitChroot in ProFTP conf the problem does not occur.
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
I can understand that you prevent users from changing anything in /etc or /lib. But this should be the absolute and not the relative path. Please use the absolute path so that FTP users with a specific root path can write to those folders within their own root.
Last edited:
