id	summary	reporter	owner	description	type	status	priority	milestone	component	severity	resolution	keywords	cc	tester
404	PloneFTP should not run as root	grant		"PlumiFTP is running as root which is not ideal from a security perspective. Can we modify it so it can run without needing to do so?

Comment from Dimo:

I don't know of any way of doing that without changing how plumiftp works. The plumiftp init script will always need root privileges to bind to port 21 for listening ftp connections.

Grant, do you know of any sysadmin trick to make plumiftp drop the root privileges but keep using port 21?

I'm afraid we would have to modify plumiftp significantly in the next version so that it drops its root privileges right after it binds port 21. But that's beyond the scope of the current contract.


Comment from Grant:

Nope - no idea - the whole thing needs some research & assessment. How do other FTP daemons do it?
"	task	reopened	critical	4.6	AuthorProfile	New Ticket				And