I don't like the solution of just rejecting all symbolic links. I think we should
simply check the absolute/real path of any user input paths and if the absolute path
is outside the home directory, then return an error response.

This way users don't have to lose the possible benefits of symbolic links, but
they're kept safe from path traversal vulnerabilities.

Uhm... I agree with you. 
Let's see what Yan Raber thinks about it since he's the one who solved the old path
traversal problem (see issue #9 ).

Today I passed a part of the afternoon on working on this issue.
As far as I can say I guess that implementing this kind of stuff will be a real pain
since the "normalize" method logic is currently based on strings and not on a "real"
filesystem reference.

Moreover, I thought about eventual recursion problems we could encounter when
following symlinks.
I was thinking about the following scenario:

linux-box$ ln -s 1 2
linux-box$ ln -s 2 1

...which would cause an infinite recursion loop since the two links points to 
each other.

Another problem is writing a reliable test suite for testing this kind of things. It
would require a lot of work, and I'm not even sure if we could be able to re-create
all the test conditions involved.

Guys, it seems we made it.
The followings changes have been included in commit #185
( 
http://groups.google.com/group/pyftpdlib-commit/browse_thread/thread/9145777076f0c3e1 ):


- Added the new AbstractedFS.checksymlink() method used for checking symlinks
validity. It is invoked when receiving an argument (the pathname) for those commands
which may be affected by path traversal (APPE, CWD, MDTM, RETR, SIZE, STOR, and XCWD).

- Added a new BadSymlink class inheriting from Exception. It is intended for using by
checksymlink method for providing different error messages when checked link is not
valid.

- Included a solid test suite for testing the cases checked by checksymlinks method:
valid links, broken links, circular links, links which points to a path outside the
user's root.


The test suite has been run successfully on my Linux Ubuntu, the only OS I currently
have which supports symlinks.

- used os.path.realpath to follow symbolic links.

- removed the check for broken and circular symlinks; if a link is broken or circular
the os.* call itself will later raise an OSError exception.

- removed BadSymlink exception class.

Fixed in version 0.3.0.