服务器 Gind.cn
  1. 服务器 Gind.cn
  3. vsftpd不允许匿名用户追加到现有文件(APPE)
Intereting Posts
使用openvpn在Linux服务器上build立辅助networking接口(VPN) 防火墙对虚拟机的影响 Ruby:隐藏WEBrick httpd版本 Nginx Rewite – 匹配结束Url不工作 如何添加新的主机名到现有的虚拟主机在Apache? 除RFC1918之外的所有其他CIDR范围 如何使用Windows netsh firewall命令只允许所有端口上的特定ipaddress并拒绝所有其他ipaddress? Windows 2008 R2 Windows备份是否需要在registry中进行更改以允许备份Hyper-V? 在通过远程模块运行命令和在powershell中执行Invoke-Command之间的区别 nagios-plugins – check_ntp_time没有检测到不正确的偏移量 FreeBSD Server .htaccess问题 如何在只有一个NIC / IP的Windows 2003 Server上设置VPN 如何设置Django与IIS 8? Mac不尊重Windows共享文件夹NTFS权限 后缀似乎有时忽略reject_unauth_destination

vsftpd不允许匿名用户追加到现有文件(APPE)

我有vsftpd的问题,不允许匿名用户追加到他们上传的文件。 上传文件最初是完美的文件。 更改上传的文件的权限不起作用。 有没有设置,我一直无法find允许附加到现有的文件?

对于一些背景,我试图解决的问题是允许上传继续,如果上传被破坏。

在以下日志中find一个示例: 

Tue Jan 3 14:06:38 2012 [pid 28433] CONNECT: Client "xxx.xxx.xxx.xxx" Tue Jan 3 14:06:38 2012 [pid 28433] FTP response: Client "xxx.xxx.xxx.xxx", "220 (vsFTPd 2.2.2)" Tue Jan 3 14:06:40 2012 [pid 28433] FTP command: Client "xxx.xxx.xxx.xxx", "USER anonymous" Tue Jan 3 14:06:40 2012 [pid 28433] [anonymous] FTP response: Client "xxx.xxx.xxx.xxx", "331 Please specify the password." Tue Jan 3 14:06:41 2012 [pid 28433] [anonymous] FTP command: Client "xxx.xxx.xxx.xxx", "PASS <password>" Tue Jan 3 14:06:41 2012 [pid 28432] [ftp] OK LOGIN: Client "xxx.xxx.xxx.xxx", anon password "?" Tue Jan 3 14:06:41 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "230 Login successful." Tue Jan 3 14:06:41 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "SYST" Tue Jan 3 14:06:41 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "215 UNIX Type: L8" Tue Jan 3 14:06:56 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "CWD uploads" Tue Jan 3 14:06:56 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "250 Directory successfully changed." Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "TYPE I" Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "200 Switching to Binary mode." Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "PORT xxx.xxx.xxx.xxx,229,167" Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "200 PORT command successful. Consider using PASV." Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "STOR test" Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "150 Ok to send data." Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] OK UPLOAD: Client "xxx.xxx.xxx.xxx", "/uploads/test", 12 bytes, 0.15Kbyte/sec Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "226 Transfer complete." Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "PORT xxx.xxx.xxx.xxx,222,100" Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "200 PORT command successful. Consider using PASV." Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "APPE test" Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "550 Permission denied." Tue Jan 3 14:07:13 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "QUIT" Tue Jan 3 14:07:13 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "221 Goodbye."

我build议你想将anon_other_write_enable设置为YES。

根据vsftpd文档 :

如果设置为YES,匿名用户将被允许执行写入操作,而不是上载和创build目录,如删除和重命名。 这通常不被推荐,但为了完整性而被包括在内。 默认:NO

但问题是,有了这个,任何匿名用户都可以修改/覆盖任何其他匿名上传的文件。

(作为提及的一点,vsftpd将'写入操作'定义为:STOR,DELE,RNFR,RNTO,MKD,RMD,APPE和SITE。