Скрыть файлы с недостаточными привелегиями в vsftpd

Править исходники

Угу, уже посмотрел. Только так. :)

Вроде победил. Если кому нужно, вот патч
(добавлена новая опция hide_noaccess):

8<---------------------------------------------------------------------------
---
--- vsftpd-2.0.5/sysutil.h.orig	2006-01-07 23:01:41.000000000 +0300
+++ vsftpd-2.0.5/sysutil.h	2006-09-13 10:13:03.000000000 +0400
@@ -90,6 +90,7 @@
 int vsf_sysutil_close_failok(int fd);
 int vsf_sysutil_unlink(const char* p_dead);
 int vsf_sysutil_write_access(const char* p_filename);
+int vsf_sysutil_some_access(const char* p_filename);
 
 /* Reading and writing */
 void vsf_sysutil_lseek_to(const int fd, filesize_t seek_pos);
--- vsftpd-2.0.5/access.h.orig	2003-09-15 15:59:50.000000000 +0400
+++ vsftpd-2.0.5/access.h	2006-09-13 11:30:57.000000000 +0400
@@ -25,5 +25,7 @@
  */
 int vsf_access_check_file_visible(const struct mystr* p_filename_str);
 
+int vsf_access_check_file_access_visible(const struct mystr* p_filename_str);
+
 #endif /* VSF_ACCESS_H */
 
--- vsftpd-2.0.5/tunables.c.orig	2006-07-02 03:06:56.000000000 +0400
+++ vsftpd-2.0.5/tunables.c	2006-09-12 13:31:46.000000000 +0400
@@ -71,6 +71,7 @@
 int tunable_mdtm_write = 1;
 int tunable_lock_upload_files = 1;
 int tunable_pasv_addr_resolve = 0;
+int tunable_hide_noaccess = 0;
 
 unsigned int tunable_accept_timeout = 60;
 unsigned int tunable_connect_timeout = 60;
--- vsftpd-2.0.5/parseconf.c.orig	2006-07-02 03:05:10.000000000 +0400
+++ vsftpd-2.0.5/parseconf.c	2006-09-12 13:25:58.000000000 +0400
@@ -99,6 +99,7 @@
   { "mdtm_write", &tunable_mdtm_write },
   { "lock_upload_files", &tunable_lock_upload_files },
   { "pasv_addr_resolve", &tunable_pasv_addr_resolve },
+  { "hide_noaccess", &tunable_hide_noaccess },
   { 0, 0 }
 };
 
--- vsftpd-2.0.5/tunables.h.orig	2006-07-02 03:07:00.000000000 +0400
+++ vsftpd-2.0.5/tunables.h	2006-09-13 11:32:54.000000000 +0400
@@ -67,6 +67,7 @@
 extern int tunable_mdtm_write;                /* Allow MDTM to set timestamps */
 extern int tunable_lock_upload_files;         /* Lock uploading files */
 extern int tunable_pasv_addr_resolve;         /* DNS resolve pasv_addr */
+extern int tunable_hide_noaccess;               /* Hide no permission objects */
 
 /* Integer/numeric defines */
 extern unsigned int tunable_accept_timeout;
--- vsftpd-2.0.5/sysutil.c.orig	2006-07-03 20:26:40.000000000 +0400
+++ vsftpd-2.0.5/sysutil.c	2006-09-13 10:50:58.000000000 +0400
@@ -1208,6 +1208,15 @@
   return (retval == 0);
 }
 
+int
+vsf_sysutil_some_access(const char* p_filename)
+{
+  int retval = access(p_filename, R_OK) &&
+	access(p_filename, W_OK) &&
+	access(p_filename, X_OK);
+  return (retval == 0);
+}
+
 static void
 vsf_sysutil_alloc_statbuf(struct vsf_sysutil_statbuf** p_ptr)
 {
--- vsftpd-2.0.5/access.c.orig	2004-07-02 15:22:28.000000000 +0400
+++ vsftpd-2.0.5/access.c	2006-09-13 11:35:00.000000000 +0400
@@ -70,3 +70,13 @@
   return 1;
 }
 
+int
+vsf_access_check_file_access_visible(const struct mystr* p_filename_str)
+{
+  if (tunable_hide_noaccess && !vsf_sysutil_some_access(str_getbuf(p_filename_str)))
+  {
+    return 0;
+  }
+  return 1;
+}
+
--- vsftpd-2.0.5/ls.c.orig	2005-05-24 01:55:00.000000000 +0400
+++ vsftpd-2.0.5/ls.c	2006-09-13 10:29:40.000000000 +0400
@@ -126,6 +126,10 @@
      */
     str_copy(&s_next_path_and_filename_str, &normalised_base_dir_str);
     str_append_str(&s_next_path_and_filename_str, &s_next_filename_str);
+    if (!vsf_access_check_file_access_visible(&s_next_path_and_filename_str))
+    {
+      continue;
+    }
     if (do_stat)
     {
       /* lstat() the file. Of course there's a race condition - the
--- vsftpd-2.0.5/vsftpd.conf.5.orig	2006-07-02 03:05:57.000000000 +0400
+++ vsftpd-2.0.5/vsftpd.conf.5	2006-09-13 12:19:35.000000000 +0400
@@ -253,6 +253,12 @@
 
 Default: NO
 .TP
+.B hide_noaccess
+If enabled, hide all directory entries in a directory listing to which the current
+logged-in, authenticated user has no access.
+
+Default: NO
+.TP
 .B listen
 If enabled, vsftpd will run in standalone mode. This means that vsftpd must
 not be run from an inetd of some kind. Instead, the vsftpd executable is
8<---------------------------------------------------------------------------
--------

Ну так зашли его разработчикам, может примут.

Попробую. Но очень сомневаюсь.

Расскажешь потом, чем дело кончилось?