Modify

Ticket #404 (reopened task)

Opened 4 years ago

Last modified 13 months ago

PloneFTP should not run as root

Reported by: grant Owned by:
Priority: critical Milestone: 4.6
Component: AuthorProfile Severity: New Ticket
Keywords: Cc:
Who will test this: And

Description

PlumiFTP is running as root which is not ideal from a security perspective. Can we modify it so it can run without needing to do so?

Comment from Dimo:

I don't know of any way of doing that without changing how plumiftp works. The plumiftp init script will always need root privileges to bind to port 21 for listening ftp connections.

Grant, do you know of any sysadmin trick to make plumiftp drop the root privileges but keep using port 21?

I'm afraid we would have to modify plumiftp significantly in the next version so that it drops its root privileges right after it binds port 21. But that's beyond the scope of the current contract.

Comment from Grant:

Nope - no idea - the whole thing needs some research & assessment. How do other FTP daemons do it?

Attachments

Change History

comment:1 Changed 3 years ago by and

  • Milestone changed from 4.3 to 4.1 Beta

comment:2 Changed 3 years ago by anna

  • Milestone changed from 4.1 Beta 1 to 4.1 Beta 2

comment:3 Changed 3 years ago by anna

  • Priority changed from major to critical

comment:4 Changed 3 years ago by anna

Can somebody clarify this via email please - in terms of what the risk is.

comment:5 Changed 3 years ago by mike

  • Status changed from new to closed
  • Resolution set to fixed

This was done in 4.1.

comment:6 Changed 3 years ago by dimo

  • Status changed from closed to reopened
  • Resolution fixed deleted
  • Summary changed from PlumiFTP should not run as root to PloneFTP should not run as root

apparently this is still an issue in production builds with ploneftp listening on port 21

This link could be helpful:  http://stackoverflow.com/questions/2699907/dropping-root-permissions-in-python

comment:7 Changed 3 years ago by and

  • Priority changed from critical to blocker

comment:8 Changed 3 years ago by dimo

  • Milestone changed from 4.3 Beta1 to 4.5 Beta Refactoring

comment:9 Changed 13 months ago by and

  • Severity set to New Ticket
  • Milestone changed from 4.8 to 4.6

comment:10 Changed 13 months ago by anna

  • Priority changed from blocker to critical

comment:11 Changed 13 months ago by anna

would be great to get an estimate of time needed to do this, or a rundown of what might be involved.

View

Add a comment

Modify Ticket

Action
as reopened
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.