[gollem] FTP directory perms

Rich West Rich.West@divatv.com
Tue, 05 Mar 2002 13:27:57 -0500


Bah... dummy me.  It was a configuration error on the test account I was 
using.  It seems I disabled the DefaultRoot setting during a previous 
test and never re-enabled it. :(

Sorry for the confusion!
-Rich


Lars Anderson wrote:

>On Tue, Mar 05, 2002 at 12:33:24, Rich West wrote:
>
>>I've tinkered with gollem in the past and I really like the idea behind 
>>it.  The only reason I have not deployed it is because of the general 
>>security problems with FTP.
>>
>>I have noticed that gollem, and I am guessing this is an artifact of PHP 
>>--with-ftp compiled in, allows all users to browse the entire system (if 
>>the ftp server is the same as the web server).  I mean, if you change 
>>the "dir" variable within the URL, you can get anywhere on the system 
>>(kinda scary), and this bypasses the normal FTP 'root-jail' setups for 
>>accounts.
>>
>
>Use an ftp server that can jail the user, we use proFTPd.
>
>>Is there a way to configure it to observe the FTP server permissions 
>>even if the FTP server resides on the same host as the web server for 
>>the Horde system?
>>
>
>Huh? It does, gollem is "just" an ftp client.
>
>Regards
>Lars
>




>From chuck@horde.org Date: Tue,  5 Mar 2002 15:45:37 -0500
Return-Path: <chuck@horde.org>
Mailing-List: contact gollem-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list gollem@lists.horde.org
Received: (qmail 25055 invoked from network); 5 Mar 2002 20:46:16 -0000
Received: from h00104bc60b3c.ne.mediaone.net (HELO marina.horde.org) (24.91.196.127)
  by clark.horde.org with SMTP; 5 Mar 2002 20:46:16 -0000
Received: by marina.horde.org (Postfix, from userid 33)
	id 275A039A4; Tue,  5 Mar 2002 15:45:38 -0500 (EST)
Received: from 192.168.0.115 ( [192.168.0.115])
	as user chuck@localhost by marina.horde.org with HTTP;
	Tue,  5 Mar 2002 15:45:37 -0500
Message-ID: <1015361137.3c852e71f0f10@marina.horde.org>
Date: Tue,  5 Mar 2002 15:45:37 -0500
From: Chuck Hagenbuch <chuck@horde.org>
To: gollem@lists.horde.org
References: <1015345837.3c84f2ad9a97c@mailserver>
In-Reply-To: <1015345837.3c84f2ad9a97c@mailserver>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 4.0-cvs
Subject: Re: [gollem] Horde 3 with Gollem 0.01 (cvs)

Quoting Marcel Selhorst <marcel.selhorst@web.de>:

> Everything works really fine,
> the only problem is Gollem.
> I can login to my ftp-server,
> see the directory and the
> files, but when I try to download
> something with IE6
> I only get that the page
> cannot be displayed.

Do you have anything in your webserver's logs? Any other logs? Any messages 
beyond that?

> Are you going to develope
> gollem to follow symbolic links
> on the FTP?

It would be a nice feature. Patch?

-chuck

--
Charles Hagenbuch, <chuck@horde.org>
"A dream which helps you to live your reality with dignity
 and justice is a good dream." - Tariq Ramadan


>From marcel.selhorst@web.de Date: Tue,  5 Mar 2002 23:42:46 +0100
Return-Path: <marcel.selhorst@web.de>
Mailing-List: contact gollem-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list gollem@lists.horde.org
Received: (qmail 34559 invoked from network); 5 Mar 2002 22:43:20 -0000
Received: from p3ee20cbb.dip.t-dialin.net (HELO mailserver.wuestenkrieger) (62.226.12.187)
  by clark.horde.org with SMTP; 5 Mar 2002 22:43:20 -0000
Received: from localhost (localhost [127.0.0.1])
	by mailserver.wuestenkrieger (8.11.6/8.11.6) with ESMTP id g25MhHD05232
	for <gollem@lists.horde.org>; Tue, 5 Mar 2002 23:43:17 +0100
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=ISO-8859-1
Date: Tue,  5 Mar 2002 23:42:46 +0100
From: Marcel Selhorst <marcel.selhorst@web.de>
In-Reply-To: <1015361137.3c852e71f0f10@marina.horde.org>
Message-ID: <1015368166.3c8549e61e14a@mailserver>
MIME-Version: 1.0
Received: from localhost
	by localhost (AvMailGate-6.12.0.0) id 05225-716D3365;
	Tue, 05 Mar 2002 23:42:46 +0100
Received: from krieger.wuestenkrieger ( [krieger.wuestenkrieger])
	as user massi@localhost by mailserver with HTTP;
	Tue,  5 Mar 2002 23:42:46 +0100
References: <1015345837.3c84f2ad9a97c@mailserver> <1015361137.3c852e71f0f10@marina.horde.org>
To: gollem@lists.horde.org
User-Agent: Internet Messaging Program (IMP) 4.0-cvs
X-AntiVirus: OK! AvMailGate Version 6.12.1.22
	 at mailserver has not found any known virus in this email.
X-Originating-IP: 192.168.100.101
Subject: Re: [gollem] Horde 3 with Gollem 0.01 (cvs)

Hi, 

> > Everything works really fine,
> > the only problem is Gollem.
> > I can login to my ftp-server,
> > see the directory and the
> > files, but when I try to download
> > something with IE6
> > I only get that the page
> > cannot be displayed.
> 
> Do you have anything in your webserver's logs? Any other logs? Any messages

Yes, I figured out, that my error_log of Apache says:
Segmentation Fault (11) ...
Horde.log says that I succesfully connected to FTP
BTW: When connection to the Apache over SSL i do not
get "The page cannot be displayed" in my Internet Explorer
but the message "Navigation cancelled" without doing
anything. In the logs does "Segmentation fault" not appear
while connecting via SSL ...
But it doesn´t work either.