Hello John,

There are some things that you can try.

What if you connect from localhost and transfer files, is it still very
slow?
Try to disable TLS/SSL and see if this improve performance.
Increase debug level and check the log for any errors.

Well, I am learning lots about FTP :-)

I didn't realize that FTP uses extra ports for data channels (yes, I am a newbie). I use the PF firewall, which of course was blocking the needed ports. Once I opened them, the connections worked perfectly.

I also moved the control port from 21 to a higher port, and disabled insecure FTP connections, requiring TLS/SSL for login.

I also added pureftpd-enable="YES" to rc.conf, so I can start it up with /usr/local/etc/rc.d/pure-ftpd restart.

So far, so good (newbie pats himself on back.) :-)

Now I have just one major league problem: when I logged in as one of the users, to test the connections, I discovered that I had SUPER POWERS. I was able to delete any file that I could see, including ones that were owned by root. Digging uncovered the fact that pure- ftpd runs with root privileges... not so good for my situation.

My guess is I need to compile with the --with-privsep switch turned on...

So, finally I have a real FreeBSD question!

What is the proper way, in ports, to set a configuration flag? The only way I could figure out was to add it to the Makefile.
        PRIVSEP "Enable privilege separation" on \

If this is the correct way to turn this compile switch on, it doesn't seem to work. After running:

make deinstall
make config             # checking the privilage separation box
make reinstall

The logged in user can still delete any file, regardless of permissions or ownership. This is clearly a problem... I don't want my users to be able to blow away their own websites while they are uploading some images. I am still digging for info on this problem. Any thoughts, much appreciated!

-- John

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to