Bug 151337 - RFE: pure-ftpwho and non-root accounts
Summary: RFE: pure-ftpwho and non-root accounts
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: pure-ftpd
Version: 3
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Aurelien Bompard
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-03-17 01:48 UTC by Jose Pedro Oliveira
Modified: 2007-11-30 22:11 UTC (History)
0 users

(edit)
Clone Of:
(edit)
Last Closed: 2005-03-24 08:52:59 UTC


Attachments (Terms of Use)
RFE: pure-ftpwho and non-root accounts (3.60 KB, patch)
2005-03-17 01:52 UTC, Jose Pedro Oliveira
no flags Details | Diff

Description Jose Pedro Oliveira 2005-03-17 01:48:01 UTC
Aurelien,

This is a RFE (Request For Enhancement) regarding pure-ftpd:
I would like to be able to run pure-ftpwho without being root.

The patch - pure-ftpd-1.0.20-rfe.patch - modifies/creates the following files:
1) Modifies - pure-ftpd.spec (usermode/pure-ftpwho + pedantic)
2) Adds - /etc/pam.d/pure-ftpwho
3) Adds - /etc/security/console.apps/pure-ftpwho
4) Modifies /etc/rc.d/init.d/pure-ftpd (pedantic)

The usermode files are based on the ones included in the package hddtemp (also
in extras).

Target branches: FC-3 and devel

TIA,
jpo

Comment 1 Jose Pedro Oliveira 2005-03-17 01:52:21 UTC
Created attachment 112067 [details]
RFE: pure-ftpwho and non-root accounts

Comment 2 Aurelien Bompard 2005-03-23 22:24:20 UTC
Looks sane, and works fine. Committed.
Concerning potential security problems, here's something from the official FAQ :
=========
http://www.pureftpd.org/FAQ
---
-> How do I give access to the 'pure-ftpwho' command to non-root users?
The 'pure-ftpwho' command is restricted to root by default, because users
probably shouldn't be given the ability to spy what other users are doing on
the same host. However, it's safe to put the setuid bit on that command, in
order to have it work as any user:
    chmod 4711 /usr/local/sbin/pure-ftpwho
----
Using usermode is just better. (only local users are allowed).

Thanks Jose.


Note You need to log in before you can comment on or make changes to this bug.