User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2
Félix Barbeira - Dinahosting Dpto. Soporte Linux wrote:
I use Mac OS X Server 10.4.2 Tiger with vsftpd 2.0.3 in a Xserve G5. I
load the vsftpd through a plist file:
[...]
To load the ftp server I type the following:
# launchctl load /System/Library/LaunchDaemons/vsftpd.plist
When a user connects to the system in the process list appears two
process, one executed by root and another executed by the connected
user (in the following case there are two users connected: "admin" and
"nekos"):
# ps aux | grep ftp
root 4453 0.0 0.1 27784 600 ?? Ss 6:27PM 0:00.01
/usr/local/sbin/vsftpd
admin 4459 0.0 0.0 27772 300 ?? S 6:28PM 0:00.00
/usr/local/sbin/vsftpd
root 4466 0.0 0.1 27784 592 ?? Ss 6:29PM 0:00.01
/usr/local/sbin/vsftpd
nekos 4468 0.0 0.0 27772 308 ?? S 6:29PM 0:00.00
/usr/local/sbin/vsftpd
root 4472 0.0 0.0 18040 320 p0 R+ 6:29PM 0:00.00
grep ftp
#
In a unix system
Any unix system?
it´s common have one process by one user connected without the process
executed by root, it´s common that root execute one "vsftpd" process
every time that an user open a session on the xserver?
one_process_model
If you have a Linux 2.4 kernel, it is possible to use a different
security model which only uses one process per connection. It is a
less pure security model, but gains you performance. You really
don't want to enable this unless you know what you are doing, and
your site supports huge numbers of simultaneously connected users.
Default: NO
As far as I understand what they tell on their site, it seems that the
default (and strongest) security model for vsftpd is to have two
processes (kind of privilege separation à la sshd).
