Date: Wed, 25 Oct 2000 02:47:07 +0300
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: David Harnick-Shapiro <davidhs@intelenet.net>
Cc: John.Place@rrd.com, freebsd-questions@FreeBSD.ORG
Subject: Re: Anonymous FTP and Symlinks
Message-ID: <20001025024707.A13508@hades.hell.gr>
In-Reply-To: <200010242304.QAA26853@irv1-mail2.intelenet.net>; from davidhs@intelenet.net on Tue, Oct 24, 2000 at 04:04:25PM -0700
References: <20001024235125.B6932@hades.hell.gr> <200010242304.QAA26853@irv1-mail2.intelenet.net>

On Tue, Oct 24, 2000 at 04:04:25PM -0700, David Harnick-Shapiro wrote:
>
> I may have missed something here, but why not just use relative,
> instead of absolute, symlinks? As long as the target file and
> the directory you're ftp-ing from have the same relationship to
> each other under the "real" root and the chroot-ed root, that
> should work.
>
> For example, if /home/user1/ftpdir/mylink is a symlink to
> "/home/user2/ftpdir/realfile", and you chroot to /home, that
> path breaks. But if mylink is a symlink to
> ../../user2/ftpdir/realfile, that path works in both cases.
> (In the normal case, ../.. is "/home", and in the chrooted case,
> ../.. is "/", but it works in each case.)

I think you do miss a point here. When you chroot("/home/ftp"), then
your `/' directory becomes /home/ftp. One of the interesting properties
of / as a directory is that `.' and `..' are the very same thing, i.e.
no matter how many times you `cd ..' when you are in /, you remain in
that same / directory.

This means that if you chroot("/home/ftp"), and you find a link named
"doc" in there that points to a relative path of "../charon/doc",
the two ".." dots are effectively meaningless after you chroot, and
"../charon/doc" is in fact a pointer to "./charon/doc" which of course
does not exist within the chrooted environment.

To back my claims up, I tested this in my 4.1.1 installation:

# cd ~ftp
# ln -s ../charon/doc
% ftp localhost
Connected to localhost.
220 localhost FTP server (Version 6.00LS) ready.
Name (localhost:charon): ftp
331 Guest login ok, send your email address as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
150 Opening ASCII mode data connection for '/bin/ls'.
total 3
dr-xr-xr-x 2 root wheel 512 Oct 18 21:30 bin
lrwxr-xr-x 1 root wheel 13 Oct 24 23:40 doc -> ../charon/doc
dr-xr-xr-x 2 root wheel 512 Oct 19 22:49 etc
dr-xr-xr-x 5 root wheel 512 Oct 19 22:48 pub
226 Transfer complete.
ftp> cd doc
550 doc: No such file or directory.
--
Giorgos Keramidas, < keramida @ ceid . upatras . gr >
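
Added example, not part of the original message or of FreeBSD's code: a small model of path lookup under chroot that clamps ".." at the process root, run over the two links discussed in this thread. The tree below is constructed, and it assumes ~ftp is /home/ftp and ~charon is /home/charon; lookup(), NODES, LINKS and "abslink" are names made up for the illustration.

```python
import posixpath

# Constructed sample tree (real, un-chrooted paths). Assumed layout.
NODES = {"/", "/home", "/home/ftp", "/home/ftp/pub",
         "/home/charon", "/home/charon/doc",
         "/home/user1", "/home/user1/ftpdir",
         "/home/user2", "/home/user2/ftpdir", "/home/user2/ftpdir/realfile"}
LINKS = {"/home/ftp/doc": "../charon/doc",
         "/home/user1/ftpdir/mylink": "../../user2/ftpdir/realfile",
         "/home/user1/ftpdir/abslink": "/home/user2/ftpdir/realfile"}

def lookup(path, cwd, root, nodes=NODES, links=LINKS, depth=0):
    """Resolve `path` as a process chrooted to `root` would see it.
    cwd, root and the result are real absolute paths; None means ENOENT."""
    if depth > 8:                       # crude symlink-loop guard (ELOOP)
        return None
    # Absolute paths start at the process root, not at the real "/".
    cur = root if path.startswith("/") else cwd
    for name in path.split("/"):
        if name in ("", "."):
            continue
        if name == "..":
            # At the process root ".." is the root itself: no way up.
            if cur != root:
                cur = posixpath.dirname(cur)
            continue
        child = posixpath.join(cur, name)
        if child in links:
            # A relative target is resolved from the link's own directory.
            cur = lookup(links[child], cur, root, nodes, links, depth + 1)
            if cur is None:
                return None
        elif child in nodes:
            cur = child
        else:
            return None
    return cur

if __name__ == "__main__":
    for root, cwd, path in [("/", "/home/ftp", "doc"),
                            ("/home/ftp", "/home/ftp", "doc"),
                            ("/home", "/home/user1/ftpdir", "mylink"),
                            ("/home", "/home/user1/ftpdir", "abslink")]:
        print(f"root={root:10} {path:8} -> {lookup(path, cwd, root)}")
```

In this model a relative link keeps resolving after chroot only when its target lies inside the new root; the "doc" link climbs above /home/ftp, so the lookup ends in ENOENT, matching the 550 reply in the session above.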
