Date: Thu, 14 Nov 2002 00:22:15 -0500 (EST)
From: Robert Watson
To: "M. Warner Losh"
Cc: grog@FreeBSD.org, danfe@nsu.ru, obrien@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/contrib/lukemftpd - Imported sources
In-Reply-To: <20021113.215618.62371469.imp@bsdimp.com>

On Wed, 13 Nov 2002, M. Warner Losh wrote:

> : > AFAIC, regular ftpd is more secure and robust than lukemftpd.  I've
> : > seen reports in the past saying that performance issues in lukemftpd
> : > are unavoidable WRT fixing them.  Until we get performance and
> : > security up to what we have in ftpd right now, IMHO it's rather
> : > meaningless to compare features.
> :
> : This is the first report of this kind I've heard.  Can you supply
> : details?
>
> The security part is easy: the last 3 or 4 ftp exploits to hit lukemftp
> haven't hit our base ftp because someone went through it on a paranoia
> bent in '94 or so and secured it.

And FTP exploits really suck due to retaining a saved uid of 0 so you can
open privileged ports--almost all exploits for FTPd's result in root (if
they're done right).  BTW, we wrote a privilege-separated version of the
BSD FTPd as part of our PRIVMAN project (part of CBOSS):

    http://opensource.nailabs.com/privman/

As the PRIVMAN technology matures, it might be something we consider
putting in FreeBSD at some point.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories
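The saved-uid point in the reply above, as an added example that is not part of the original message and is not code from FreeBSD's ftpd or from PRIVMAN: a check for whether a process can still get uid 0 back, and a permanent drop that verifies itself. The function names and the uid 65534 are assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Linux and the BSDs provide these; declared here because glibc only exposes
 * them when _GNU_SOURCE is defined before the first include. */
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);
int setresuid(uid_t ruid, uid_t euid, uid_t suid);

/* uid 0 can be restored if any of the three ids is 0: with a saved uid of 0,
 * seteuid(0) succeeds even while the effective uid is an ordinary user. */
int root_recoverable(uid_t ruid, uid_t euid, uid_t suid)
{
    return ruid == 0 || euid == 0 || suid == 0;
}

/* The same check for the calling process; -1 if the ids cannot be read. */
int process_root_recoverable(void)
{
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) != 0)
        return -1;
    return root_recoverable(r, e, s);
}

/* Permanent drop: real, effective and saved uid all become `user`, then
 * confirm root cannot be restored. Group ids are left out for brevity; a
 * real daemon drops supplementary groups and gid first. 0 on success. */
int drop_permanently(uid_t user)
{
    if (setresuid(user, user, user) != 0)
        return -1;
    if (user != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;                 /* root came back: the drop did not hold */
    return process_root_recoverable() == 0 ? 0 : -1;
}

int main(void)
{
    uid_t user = 65534;            /* assumed unprivileged uid ("nobody") */
    if (geteuid() == 0 && seteuid(user) == 0) {
        /* Temporary drop: effective uid changes, saved uid stays 0. */
        printf("after seteuid(%d): recoverable=%d\n", (int)user, process_root_recoverable());
        if (seteuid(0) != 0 || drop_permanently(user) != 0)
            return 1;
    }
    printf("final state: recoverable=%d\n", process_root_recoverable());
    return 0;
}
```

Started as root, the program reports `recoverable=1` after the temporary drop and `recoverable=0` after the permanent one; started as an ordinary user it only reports the final state.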