English Italian
*Strong separation of privileged and non-privileged processes* — Separate processes handle different tasks, and each of these processes run with the minimal privileges required for the task.
*Tasks requiring elevated privileges are handled by processes with the minimal privilege necessary* — By leveraging compatibilities found in the `libcap` library, tasks that usually require full `root` privileges can be executed more safely from a less privileged process.
*Most processes run in a [command]#chroot# jail* — Whenever possible, processes are change-rooted to the directory being shared; this directory is then considered a [command]#chroot# jail. For example, if the directory [command]#/var/ftp/# is the primary shared directory, [command]#vsftpd# reassigns [command]#/var/ftp/# to the new root directory, known as [command]#/#. This disallows any potential malicious hacker activities for any directories not contained below the new root directory.
Use of these security practices has the following effect on how [command]#vsftpd# deals with requests:
*The parent process runs with the least privileges required* — The parent process dynamically calculates the level of privileges it requires to minimize the level of risk. Child processes handle direct interaction with the `FTP` clients and run with as close to no privileges as possible.
*All operations requiring elevated privileges are handled by a small parent process* — Much like the Apache `HTTP` Server, [command]#vsftpd# launches unprivileged child processes to handle incoming connections. This allows the privileged, parent process to be as small as possible and handle relatively few tasks.
*All requests from unprivileged child processes are distrusted by the parent process* — Communication with child processes are received over a socket, and the validity of any information from child processes is checked before being acted on.
*Most interaction with `FTP` clients is handled by unprivileged child processes in a [command]#chroot# jail* — Because these child processes are unprivileged and only have access to the directory being shared, any crashed processes only allows the attacker access to the shared files.
Files Installed with [command]#vsftpd#
indexterm:[vsftpd,RPM,files installed by] The `vsftpd` RPM installs the daemon (`/usr/sbin/vsftpd`), its configuration and related files, as well as `FTP` directories onto the system. The following lists the files and directories related to [command]#vsftpd# configuration:
`/etc/rc.d/init.d/vsftpd` — The *initialization script* (_initscript_) used by the [command]#systemctl# command to start, stop, or reload [command]#vsftpd#. See xref:File_and_Print_Servers.adoc#s2-ftp-vsftpd-start[Starting and Stopping [command]#vsftpd#] for more information about using this script.
`/etc/pam.d/vsftpd` — The Pluggable Authentication Modules (PAM) configuration file for [command]#vsftpd#. This file specifies the requirements a user must meet to login to the `FTP` server. For more information on PAM, refer to the [citetitle]_Using Pluggable Authentication Modules (PAM)_ chapter of the {MAJOROSVER} [citetitle]_Managing Single Sign-On and Smart Cards_ guide.
`/etc/vsftpd/vsftpd.conf` — The configuration file for [command]#vsftpd#. See xref:File_and_Print_Servers.adoc#s2-ftp-vsftpd-conf[[command]#vsftpd# Configuration Options] for a list of important options contained within this file.
`/etc/vsftpd/ftpusers` — A list of users not allowed to log into [command]#vsftpd#. By default, this list includes the `root`, `bin`, and `daemon` users, among others.
`/etc/vsftpd/user_list` — This file can be configured to either deny or allow access to the users listed, depending on whether the [command]#userlist_deny# directive is set to [command]#YES# (default) or [command]#NO# in `/etc/vsftpd/vsftpd.conf`. If `/etc/vsftpd/user_list` is used to grant access to users, the usernames listed must *not* appear in `/etc/vsftpd/ftpusers`.
`/var/ftp/` — The directory containing files served by [command]#vsftpd#. It also contains the `/var/ftp/pub/` directory for anonymous users. Both directories are world-readable, but writable only by the `root` user.
Starting and Stopping [command]#vsftpd#
indexterm:[vsftpd,starting]indexterm:[vsftpd,stopping]indexterm:[vsftpd,status]indexterm:[vsftpd,condrestart]indexterm:[vsftpd,restarting] The `vsftpd` RPM installs the `/etc/rc.d/init.d/vsftpd` script, which can be accessed using the [command]#systemctl# command.
To start the server, as `root` type:
[command]#systemctl start vsftpd.service#