This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: vsftpd daemon does not run as root , but it may still be possible for a malicious user to use a local root exploit to gain root access. Running vsftpd in the restricted environment of a chroot jail makes it sig-nificantly less likely that a malicious user can compromise the system. Without root access, the malicious user can see only other files in the chroot jail, rendering an attack harmless. 9. After dod you fix it? 19 10. How would you configure vsftpd to run through xinetd , and what would be the main advantage of this approach? To configure vsftpd to run through xinetd , set listen=NO in /etc/vsftpd/vsftpd.conf , and create an xinetd configuration file for vsftpd in /etc/xinetd.d . This configuration allows you to provide finer-grained access control to the server....
View Full Document
- home directory, configuration file, Privilege escalation, chroot jail