You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
create an account docker-compose exec db mysql -u pureftpd -p'asupersecretpassword' -e "INSERT INTO users (User,Password,Uid,Gid,Dir) VALUES ('foo',ENCRYPT('test'),'1003','1005','/home/foo');" pureftpd
login in with a ftp client in my case winscp
Expected behaviour
well i should not be able to see the system files.
Actual behaviour
i can see everything and navigate and download.
Configuration
Docker version (type docker --version) : Docker version 20.10.24, build 297e128
Docker compose version if applicable (type docker-compose --version) : Docker Compose version v2.17.2
Behaviour
When logging in I have full access to the system files. even though in /etc/pure-ftpd.conf ChrootEveryone is set to yes
i was trying stuff out, if i delete everything in /etc/pure-ftpd.conf the server still starts fine. is this file being used?
Steps to reproduce this issue
Expected behaviour
well i should not be able to see the system files.
Actual behaviour
Configuration
docker --version) : Docker version 20.10.24, build 297e128docker-compose --version) : Docker Compose version v2.17.2uname -a) : docker windowsdocker-compose.yml,.env, i was able to reproduce this issue by just running the example. https://github.com/crazy-max/docker-pure-ftpd/tree/master/examples/mariadbDocker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.10.4)
compose: Docker Compose (Docker Inc., v2.17.2)
dev: Docker Dev Environments (Docker Inc., v0.1.0)
extension: Manages Docker extensions (Docker Inc., v0.2.19)
init: Creates Docker-related starter files for your project (Docker Inc., v0.1.0-beta.2)
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
scan: Docker Scan (Docker Inc., v0.25.0)
scout: Command line tool for Docker Scout (Docker Inc., v0.9.0)
Server:
Containers: 4
Running: 4
Paused: 0
Stopped: 0
Images: 5
Server Version: 20.10.24
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 2456e983eb9e37e47538f59ea18f2043c9a73640
runc version: v1.1.4-0-g5fd4c4d
init version: de40ad0
Security Options:
seccomp
Profile: default
cgroupns
Kernel Version: 5.15.90.1-microsoft-standard-WSL2
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 32
Total Memory: 15.57GiB
Name: docker-desktop
ID: R23H:JWFG:UAWE:IGO5:KG2E:KKN5:F4UA:P677:OU4Y:SX47:BGKE:F2XV
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
Logs
2023-04-08 17:03:18 [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
2023-04-08 17:03:18 [s6-init] ensuring user provided files have correct perms...exited 0.
2023-04-08 17:03:18 [fix-attrs.d] applying ownership & permissions fixes...
2023-04-08 17:03:18 [fix-attrs.d] done.
2023-04-08 17:03:18 [cont-init.d] executing container initialization scripts...
2023-04-08 17:03:18 [cont-init.d] 01-config.sh: executing...
2023-04-08 17:03:18 Setting timezone to Europe/Paris...
2023-04-08 17:03:18 Use MySQL authentication method
2023-04-08 17:03:18 Waiting 45s for MySQL database to be ready...
2023-04-08 17:03:32 MySQL database ready!
2023-04-08 17:03:32 Flags
2023-04-08 17:03:32 Secure: --maxclientsnumber 5 --maxclientsperip 5 --antiwarez --customerproof --dontresolve --norename --prohibitdotfilesread --prohibitdotfileswrite
2023-04-08 17:03:32 Additional:
2023-04-08 17:03:32 All: --bind 0.0.0.0,2100 --ipv4only --passiveportrange 30000:30009 --noanonymous --createhomedir --nochmod --syslogfacility ftp --forcepassiveip 83.83.84.207 --maxclientsnumber 5 --maxclientsperip 5 --antiwarez --customerproof --dontresolve --norename --prohibitdotfilesread --prohibitdotfileswrite --login mysql:/data/pureftpd-mysql.conf
2023-04-08 17:03:32 [cont-init.d] 01-config.sh: exited 0.
2023-04-08 17:03:32 [cont-init.d] 02-service.sh: executing...
2023-04-08 17:03:32 [cont-init.d] 02-service.sh: exited 0.
2023-04-08 17:03:32 [cont-init.d] 03-uploadscript.sh: executing...
2023-04-08 17:03:33 [cont-init.d] 03-uploadscript.sh: exited 0.
2023-04-08 17:03:33 [cont-init.d] ~-socklog: executing...
2023-04-08 17:03:33 [cont-init.d] ~-socklog: exited 0.
2023-04-08 17:03:33 [cont-init.d] done.
2023-04-08 17:03:33 [services.d] starting services
2023-04-08 17:03:33 [services.d] done.
2023-04-08 17:03:37 ftp.info: Apr 8 15:03:37 pure-ftpd: (?@172.26.0.1) [INFO] New connection from 172.26.0.1
2023-04-08 17:03:43 ftp.warn: Apr 8 15:03:43 pure-ftpd: (?@172.26.0.1) [WARNING] Authentication failed for user [banana]
2023-04-08 17:03:43 ftp.info: Apr 8 15:03:43 pure-ftpd: (?@172.26.0.1) [INFO] Logout.
2023-04-08 17:04:13 ftp.info: Apr 8 15:04:13 pure-ftpd: (?@172.26.0.1) [INFO] New connection from 172.26.0.1
2023-04-08 17:04:15 ftp.info: Apr 8 15:04:15 pure-ftpd: (?@172.26.0.1) [INFO] foo is now logged in``
The text was updated successfully, but these errors were encountered: