vsftp: anomymous can upload but not download

September 20, 2007

vsftp: anomymous can upload but not download

This bug seems to be here from a long time. Even if a patch exists, the bug is still here in the most recent version.
Here is the resolution (I assume gcc is installed):

Stop your vsftpd daemon: service vsftpd stop
Download the lastest source package (vsftpd-2.0.5 so far) from http://vsftpd.beasts.org.

gunzip and untar


# gunzip vsftpd-2.0.5.tar.gz
# tar xf vsftpd-2.0.5.tar
# cd vsftpd-2.0.5

A couple of files must be changed

postlogin.c, line 1831

Replace


...
if (p_sess->is_anonymous && tunable_chown_uploads)
  {
    vsf_sysutil_fchmod(new_file_fd, 0600);
    if (tunable_one_process_model)
    {
...


...
if (p_sess->is_anonymous && tunable_chown_uploads)
  {
    vsf_sysutil_fchmod(new_file_fd, (0666 & ~tunable_anon_umask));
    if (tunable_one_process_model)
    {
...

tunable.c, line 129,130

Replace


/* -rw-rw-rw- */
unsigned int tunable_file_open_mode = 0666;


/* -rw------- */
unsigned int tunable_file_open_mode = 0600;

builddefs.c, line 9

Replace


#undef VSF_BUILD_TCPWRAPPERS


#define VSF_BUILD_TCPWRAPPERS

vsf_findlibs.sh

This script doesn't work on 64 bits systems.
I added
```
[ `uname -m` == "x86_64" ] && LIB=lib64 || LIB=lib
```
at the begining, and I replaced all
locate_library /lib/ by
locate_library /$LIB/
and echo "/lib/libpam.so.0"; (line 17)
by echo "/$LIB/libpam.so.0";

Compile: make
Replace /usr/sbin/vsftpd by the new version
Restart your vsftpd daemon: service vsftpd start

Tested on RedHat Enterprise Linux 4 (32 and 64 bits)

Search This Blog

Lone in the night

vsftp: anomymous can upload but not download

Comments

Popular Posts

Where is Brian?

Emulation of Fujitsu MB8877 Floppy Disk Controler with Arduino