| Server IP : 79.136.114.73 / Your IP : 18.217.162.18 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/doc/vsftpd/ |
Upload File : |
CRITICAL ======== NOT SO CRITICAL =============== - ABOR handling broken for SSL connections (does any client actually use it?) - Add -Wconversion - Don't leak SSL private key to compromised process? May be impossible. We'll see, would be an interesting security story. - Better reporting of failed uploads due to out of device space or quota all used. - Upload file size limits. - Improve FAQ, docs (ongoing..) - Sweedish, Russian etc. characters showing as ? in the log - many complaints. - "add_group" support. - Still reports FlashFXP broken when trying to do FXP. - Add negation, other support to regex handler. - Allow groups to be listed in user lists. - Allow space in username. - Minor: background should happen after listen has completed so that failure can result in a non-zero exit code. - option to chroot to home dir and THEN apply init_dir - separate upload/download max rates - select() is assuming Linux behaviour (not threatening stability) - add example global bandwidth limiting. - have a chown_uploads for non-anon users too; also more control over permissions of uploaded file ON THE BACK BURNER ================== - MLST, MLSD - LPRT, LPSV - log logout (pam session support provides this for locals) - Limits on GIDs allowed to authenticate? - Dynamic login info e.g. you are user XXX of YYY. - Handle SIGINT. - Session byte transfer counts in STAT output. - Test vsftpd with pam_opie (issues with challenge/response vs. FTP protocol?) - SITE GROUP support. - SITE UTIME? - Allow listener to listen on multiple IPs, protocols; bonus points if the different IPs can have different configs. NOT PLANNED =========== - telnet strings (no demand) - "Minimal" build support - transparent tar / compression support (no demand) - put anon FTP users in wtmp too? - Integrated test suite (I'm so lazy..) SORRY.