A bit of testing indicates that the problem is not with the symlink
within the home directory path, but purely with it being hosted on
another machine via NFS: related to root_squash. The ftpd process,
while running as root before it sets UID/GID to the user logging in,
cannot access the home directory though should be able to stat() it:

[EMAIL PROTECTED]:~# ls -l /users/amstaff/psz
ls: /users/amstaff/psz: Permission denied
[EMAIL PROTECTED]:~# ls -ld /users/amstaff/psz
drwx------  46 psz amstaff 4096 Aug 25 07:50 /users/amstaff/psz

This guess was verified with:

[EMAIL PROTECTED]:~$ chmod 755 ~     ### Now 'ftp asti' finds home directory OK
[EMAIL PROTECTED]:~$ chmod 700 ~     ### Back as it was, 'ftp asti' has problem

Seems that ftpd tries chdir() while still root, before setting UID:
surely it should set UID first, then chdir().

This seems a security risk. In the above scenario, I could arrange the
machine holding the home directory to return something that would
resolve to some normally inaccessible place like /root; and in fact
ftpd would then have that as my "current directory". (Annoying that
the final leaf cannot be a symlink; but if my home dir on asti was
/users/amstaff/psz/root then on pisa I could set /user/amstaff/psz to
be a symlink to /, so asti would resolve that as /root.) I do not know
what misdeeds I can do by having an otherwise inaccessible cwd.

Cheers,

Paul Szabo   [EMAIL PROTECTED]   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia
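
Added example (not part of the original message and not ftpd's own code): the ordering the report asks for, with privileges dropped before chdir() so the path is resolved with the user's credentials. The helper name enter_home_as_user and the permanent setuid() drop are assumptions made for this illustration.

```c
/* Added illustration, not ftpd source: drop privileges first, then chdir(). */
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: become (uid, gid), then enter the home directory.
 * Returns 0 on success, -1 on failure with errno set. */
int enter_home_as_user(uid_t uid, gid_t gid, const char *home)
{
    if (geteuid() == 0 && uid != 0) {
        /* Order matters: supplementary groups, then GID, then UID.
         * setuid() goes last because the others need root to succeed. */
        if (setgroups(1, &gid) != 0) return -1;
        if (setgid(gid) != 0) return -1;
        if (setuid(uid) != 0) return -1;
        /* Verify the drop is permanent: regaining root must fail. */
        if (setuid(0) == 0) { errno = EPERM; return -1; }
    } else if (geteuid() != uid) {
        errno = EPERM;          /* not root, and not already the user */
        return -1;
    }
    /* From here every path component is checked against the user's own
     * credentials (locally, and by an NFS server using root_squash), so a
     * 0700 home is reachable and a path resolving to /root gets EACCES. */
    return chdir(home);
}

int main(void)
{
    /* Constructed demo input: current identity, with "/" standing in
     * for the home directory. */
    if (enter_home_as_user(geteuid(), getegid(), "/") != 0) {
        perror("enter_home_as_user");
        return 1;
    }
    puts("chdir done with the user's credentials");
    return 0;
}
```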

