Shane Hathaway wrote:
I did some research into this today. Note that this is actually a problem with the Medusa server used by Zope.
Thanks
3) The only remaining solution would be to bind to the data port at startup. However, the accept() call and the connect() call have a very subtle difference: accept() creates a new socket, while connect() uses the socket already created. So it would be possible to use that socket once but it would be necessary to close it at the end of the transfer, leaving subsequent connections in the same situation as before. If connect() created a new socket instead, Medusa would work much better and I bet wu-ftpd could be less convoluted. I don't think there is any alternative to connect().
Yep.
I'm sorry I don't have a better answer for you. I really thought we could solve this. I'm surprised the proxy acted so strangely for you--there's no reason why it should be dealing with user permissions, etc.; it should only pass the data from the client to the server (with minor re-parsing along the way). Perhaps a different proxy will work better.
Part of the problem is that we need to be able to set different 'anonymous' roles based on where one comes from. This is supported by wuftpd and by Zope. When you pass everything through a proxy on the Zope server host however, that capability is destroyed as the proxy is now the only client. We tried having the proxy set usernames, but then we need two users for each role; one for http and one for ftp. And we will have to rewrite the proxy code to send remapped usernames in a fashion that Zope can comprehend, as the current proxy name remapping doesn't work with Zope. Coupling these problems with having to keep two different authentication schemes synced leads us off a cliff very quickly.
From the number of messages I located on the net regarding this issue it is clear that a number of people have tried this and failed, not discovering the true cause of the problem. The use of firewalls is quickly increasing and the problem will only get worse. Have you considered a C shared module to handle the seteuid issue? Maybe an option for those who really need it? Import only when permissions indicate that seteuid is to be used?
Thanks
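The accept()/connect() asymmetry from point 3 above, as an added example that is not part of this thread: the server binds its data port once, uses it for one connect()-initiated transfer, and then finds the socket unusable, so the next transfer needs a fresh bind (the step that requires privilege on port 20). Port numbers and the loopback "client" are constructed so it runs unprivileged.

```python
import socket
import threading
# Added illustration: an active-mode FTP server binds its data port before
# connect(); once that socket is closed, the next transfer needs a fresh bind.
# Real FTP uses port 20 (root only); a constructed high loopback port stands in.
def pick_free_port():
    """Ask the kernel for a currently unused loopback TCP port."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

def make_data_socket(data_port):
    """Bind the server data port (the step needing privilege in real FTP)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("127.0.0.1", data_port))
    return s

def client_listener(port, ready, received):
    """Stand-in for the FTP client after it has sent a PORT command."""
    with socket.socket() as ls:
        ls.bind(("127.0.0.1", port))
        ls.listen(1)
        ready.set()
        conn, _ = ls.accept()
        with conn:
            received.append(conn.recv(65536))

def active_transfer(data_sock, client_port, payload):
    """connect() from the pre-bound socket, send the payload, then close it."""
    ready, received = threading.Event(), []
    t = threading.Thread(target=client_listener, args=(client_port, ready, received))
    t.start()
    ready.wait()
    data_sock.connect(("127.0.0.1", client_port))
    data_sock.sendall(payload)
    data_sock.close()  # unlike accept(), connect() used up the only socket we had
    t.join()
    return received[0]

def demo():
    data_port = pick_free_port()
    s = make_data_socket(data_port)
    first = active_transfer(s, pick_free_port(), b"first transfer")
    try:
        s.connect(("127.0.0.1", pick_free_port()))  # closed socket: OSError
        reusable = True
    except OSError:
        reusable = False
    second = active_transfer(make_data_socket(data_port), pick_free_port(), b"second")
    return first, reusable, second
```

A daemon that has already dropped privileges cannot perform that second bind on port 20, which is exactly why wu-ftpd keeps a privileged path for it.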