Why do we need to start the server from root ?Please give a theoretical answer

Why do we need to start the server from root ??Please give a theoretical answer

Hey,
While transferring a file, there are two things one is the server and other is the client. So, in the Qbox our host is our workspace. So we need to start our server from the host then client can connect it and start transferring the file.
First we make a FTP connection between client and the server.
If you thinks why FTP - FTP is a standard internet protocol provided by TCP/IP used for transmitting the files from one host to another.
Below you can see, There is a server and the client and we need a internet connection for transferring the file. By default, It will happen with port 21 but in our QBox we need to change the port number to 8081 because our QBox is running in port 8081

image

Here is the detail diagram of how our FTP will work.

1 Like

@Arham_Jain
Adding to @gouravsardanaā€™s answer, this is more of a practical restriction placed for security reasons.

You can launch the server w/o root access by

  • setting the run_as_launching_user option(highly disencouraged)
  • giving crio-user ownership of the configuration file

But, this can cause serious security issues according to vsftpd man page

run_as_launching_user

Set to YES if you want vsftpd to run as the user which launched vsftpd. This is useful where root access is not available. MASSIVE WARNING! Do NOT enable this option unless you totally know what you are doing, as naive use of this option can create massive security problems. Specifically, vsftpd does not / cannot use chroot technology to restrict file access when this option is set (even if launched by root). A poor substitute could be to use a deny_file setting such as {/,ā€¦*}, but the reliability of this cannot compare to chroot, and should not be relied on. If using this option, many restrictions on other options apply. For example, options requiring privilege such as non-anonymous logins, upload ownership changing, connecting from port 20 and listen ports less than 1024 are not expected to work. Other options may be impacted.

Default: NO

http://vsftpd.beasts.org/vsftpd_conf.html

Thanks for the question, that was new for me :slight_smile:

1 Like