6
Jul/093

Linux: vsftpd and symbolic links

vsftpd is all about security, and that’s why you cannot access linked directories through vsftpd with any ftp client. My arguement is that if you know how to use symlinks, or are careful enough not to link directories you don’t want to share then who’s vsftpd to butt in and completely disallow you to use such convenient feature of an OS? Reminds me of Windows Server type security… they block IE by default so that you have to either allow every single site, or disable IE ESC altogether.

Here is my convenient workaround: use mount bind!

mount --bind /sourcedirectory /destinationdirectory

You can either use @reboot cron job to have the directories mounted, or mount though fstab by adding the following line:

/directory-you-want-to-mount /destination-directory none bind

Haa… gotcha, but don’t go too fast! This is mount, not ln and will NOT create a mount point in your destination directory. For instance, if you want to mount /home/share to /home/user/share you will need to create /home/user/share first, then mount. Also keep in mind that if you have a copy or rsync job to copy contents of /home/share AND /home/user recursively, you will create two full copies of /home/share directory. One in /home/share and one in /home/user/share. Exclude one of the directories from your cp or rsync job.

Share this article
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • Twitter
  • LinkedIn

Related posts:

  1. Linux: Mount remote Windows shares with smbfs
  2. Linux: A simple and quick way of sharing a folder with Windows systems using Samba
  3. Linux: Copy files between Linux Servers with scp
  4. Linux: User management
  5. Debian: ssh authentication key instead of password – RSA key pairs

Enjoy this article?

Consider subscribing to our rss feed!

Tagged as:
3 Comments
Comments (3) Trackbacks (0)
  1. Kevin Carpenter
    8:52 AM on January 25th, 2010
    Google Chrome 4.0.249.78 Google Chrome 4.0.249.78 Windows 7 Windows 7
    Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.78 Safari/532.5

    Nicely put, a small search with Google brought your site in number 3. I look forward to linking to it later to help bring it up on that ladder. I like the server, but that was certainly an annoyance and brought me to having to either re-think the setup of my web server or…

    Thanks for pointing this out and documenting it.

  2. Ali
    12:12 PM on February 3rd, 2010
    Firefox 3.5.7 Firefox 3.5.7 Windows 7 Windows 7
    Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 GTBDFff GTB7.0 (.NET CLR 3.5.30729)

    Glad it was helpful, and thanks :)

  3. aaa
    5:07 AM on February 12th, 2010
    Firefox 3.5.7 Firefox 3.5.7 Windows Vista Windows Vista
    Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7

    Well, it’s not about paranoid security, it’s about the fact that vsftpd chroots into the ftp root for every user. If your symlink points out of the chroot tree, don’t be surprised you can’t access it ;-)

Leave a comment

No trackbacks yet.

Recent Comments

Tag Cloud

Categories

RSS Google Sci/Tech Feed

RSS DistroWatch Feed

Archives

Links