From owner-cvs-all Wed Jan 29 2: 7:29 2003 Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE43837B401; Wed, 29 Jan 2003 02:07:28 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 623AB43E4A; Wed, 29 Jan 2003 02:07:28 -0800 (PST) (envelope-from yar@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h0TA7Sbv023518; Wed, 29 Jan 2003 02:07:28 -0800 (PST) (envelope-from yar@repoman.freebsd.org) Received: (from yar@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h0TA7SJg023517; Wed, 29 Jan 2003 02:07:28 -0800 (PST) Message-Id: <200301291007.h0TA7SJg023517@repoman.freebsd.org> From: Yar Tikhiy Date: Wed, 29 Jan 2003 02:07:27 -0800 (PST) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/libexec/ftpd ftpchroot.5 ftpcmd.y ftpd.8 ftpd.c X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG yar 2003/01/29 02:07:27 PST Modified files: libexec/ftpd ftpchroot.5 ftpcmd.y ftpd.8 ftpd.c Log: Give the code around chroot(2)/chdir(2) a major overhaul by separating its part around chroot(2) from that around initial chdir(2). This makes the below changes really easy. Move seteuid(to user's uid) to before calling chdir(2). There are two goals to achieve by that. First, NFS mounted home directories with restrictive permissions become accessible (local superuser can't access them if not mapped to uid 0 on the remote side explicitly.) Second, all the permissions to the home directory pathname components become effective; previously a user could be carried to any local directory despite its permissions since the chdir(2) was done with euid 0. This reduces possible impact from FTP server misconfiguration, e.g., assigning a wrong home directory to a user. Implement the "/./" feature. Now a guest or user subject to chrooting may have "/./" in his login directory, which separates his chroot directory from his home directory inside the chrooted environment. This works for ftpchroot(5) as well. PR: bin/17843 bin/23944 Revision Changes Path 1.2 +16 -4 src/libexec/ftpd/ftpchroot.5 1.47 +2 -4 src/libexec/ftpd/ftpcmd.y 1.59 +11 -0 src/libexec/ftpd/ftpd.8 1.138 +72 -33 src/libexec/ftpd/ftpd.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message