Package: vsftpd Version: 2.3.5-3 Severity: important -- Detailed issue:
Hi, vsftpd 2.3.5-3 fails to start when allow_writeable_chroot=YES is present in the configuratoin file. Changelog for 2.3.4 (https://security.appspot.com/vsftpd/Changelog.txt): --------------------------------- - Add stronger checks for the configuration error of running with a writeable root directory inside a chroot(). This may bite people who carelessly turned on chroot_local_user but such is life. --------------------------------- Changelog for 2.3.5 (https://security.appspot.com/vsftpd/Changelog.txt): --------------------------------- - Add new config setting "allow_writeable_chroot" to help people in a bit of a spot with the v2.3.5 defensive change. Only applies to non-anonymous. --------------------------------- However, when we put the allow_writeable_chroot option in the config file /etc/vsftpd.conf and then try to restart it, if silently fails to start (process dies). The 3.0.0 version seems to solve the issue but backporting isn't an option for me and the updated version in Wheezy is currently 2.3.5-3. -- System Information: Debian Release: 7.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-486 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages vsftpd depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.49 ii libc6 2.13-38 ii libcap2 1:2.22-1.2 ii libpam-modules 1.1.3-7.1 ii libpam0g 1.1.3-7.1 ii libssl1.0.0 1.0.1e-2+deb7u3 ii libwrap0 7.6.q-24 ii netbase 5.0 Versions of packages vsftpd recommends: ii logrotate 3.8.1-4 vsftpd suggests no packages. -- Configuration Files: /etc/vsftpd.conf changed: listen=YES anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=NO chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd rsa_cert_file=/etc/ssl/private/vsftpd.pem passwd_chroot_enable=YES chmod_enable=NO ftpd_banner="Welcome" -- debconf information: vsftpd/directory: /srv/ftp vsftpd/username: ftp -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
