Hey ,

I'm currently experimenting with vsftpd.

What I want is a FTP Server with full write and read permissions.

I set up an User on the OpenSuse Maschine called ftpuser.

This is my config file:

Code:
# my Configuration:
listen=YES

# Boolean Settings
anonymous_enable=NO
ascii_download_enable=YES
ascii_upload_enable=YES
async_abor_enable=YES
chmod_enable=NO
chroot_local_user=YES
connect_from_port_20=YES
delete_failed_uploads=YES
dirlist_enable=YES
download_enable=YES
dual_log_enable=YES
hide_ids=YES
local_enable=YES
lock_upload_files=NO
log_ftp_protocol=YES
ls_recurse_enable=NO
mdtm_write=NO
no_log_lock=NO
one_process_model=NO
passwd_chroot_enable=YES
pasv_enable=YES
require_ssl_reuse=YES
setproctitle_enable=YES
ssl_enable=NO
use_localtime=YES
userlist_deny=NO
userlist_enable=YES
userlist_file=/etc/vsftpd.enabled_users_list
write_enable=YES
xferlog_enable=YES

# Numeric Settings
delay_failed_login=3
local_max_rate=100000
max_clients=10

# String Options
ftpd_banner=Welcome to Timothy's FTP Server :-)
pam_service_name=vsftpd
First question is to chroot_local_user. I set this to YES cause it makes sense for me that the ftpuser is locked into his home directory. However Manpages of vsftpd say this:
Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails.
Can someone explain this to me ?

Second question is concerning file editing. So if I connect from my WindowsMaschine to the FTP Server I can create new files, but if I want to edit a file which was created on the openSuse Machine I can't edit it from the Windows Maschine.
I'll post the error number when I'm back home.

Can somebody generally tell me if my Config is okay and secure ?

Cheerio
Tim