From owner-freebsd-security Mon Jun 9 11:45:34 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id LAA07706 for security-outgoing; Mon, 9 Jun 1997 11:45:34 -0700 (PDT)
Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id LAA07699 for ; Mon, 9 Jun 1997 11:45:27 -0700 (PDT)
Received: from localhost (cschuber@localhost) by passer.osg.gov.bc.ca (8.8.5/8.6.10) with SMTP id LAA10915; Mon, 9 Jun 1997 11:44:42 -0700 (PDT)
Message-Id: <199706091844.LAA10915@passer.osg.gov.bc.ca>
X-Authentication-Warning: passer.osg.gov.bc.ca: cschuber@localhost didn't use HELO protocol
Reply-to: cschuber@uumail.gov.bc.ca
X-Mailer: MH
X-Sender: cschuber
To: Adam Shostack
cc: cschuber@uumail.gov.bc.ca, darkstar@telcentral.net, dg@root.com, yossman@yoss.canweb.net, security@FreeBSD.ORG
Subject: Re: ftpd security weakness on FreeBSD (fwd)
In-reply-to: Your message of "Mon, 09 Jun 1997 12:05:41 EDT." <199706091605.MAA26597@homeport.org>
Date: Mon, 09 Jun 1997 11:44:42 -0700
From: Cy Schubert - ITSD Open Systems Group
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Wuftpd has some significant security holes in it, especially the realdir() hole, allowing remote exploit of root. The FreeBSD ftp daemon would be much more secure for sites that wish to offer ftp access to local users.

Regards,                         Phone:  (250)387-8437
Cy Schubert                        Fax:  (250)387-5766
UNIX Support                     OV/VM:  BCSC02(CSCHUBER)
ITSD                            BITNET:  CSCHUBER@BCSC02.BITNET
Government of BC              Internet:  cschuber@uumail.gov.bc.ca
                                         cschuber@bcsc02.gov.bc.ca
                                         Cy.Schubert@gems8.gov.bc.ca

"Quit spooling around, JES do it."

> I considered suggesting anonftpd (or Ranum's aftpd, which has more
> traditional messages). I did not because a lot of people want to be
> able to ftp inwards, and the anon only option seems a bit more
> restrictive than is freebsd's bent.
>
> I wouldn't oppose it as long as the docs suggested an upgrade path of
> (a/anon) -> logdaemon -> WUftpd as need for capabilities increases.
>
> Adam
>
> Cy Schubert - ITSD Open Systems Group wrote:
> | Another good ftpd daemon is anonftpd. It only supports anonymous ftp and a
> | subset of features. Sites offering an anonymous ftp service could use the
> | anonftpd daemon for anonymous use while running the FreeBSD daemon (or
> | better yet the Kerberos V daemon) behind a TCP/Wrapper off another port.
>
> --
> "It is seldom that liberty of any kind is lost all at once."
> -Hume
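The split deployment quoted above (anonftpd on the public port, the stock FreeBSD ftpd for local accounts on a second port behind tcpd) can be expressed as inetd and tcp_wrappers configuration. This is an added example, not configuration from the thread or from any of the projects it names. The tcpd and anonftpd install paths, the port number 2121, the service name ftp-local and the 192.0.2. network prefix are all assumptions for illustration; the only FreeBSD ftpd flag used, -l, is the standard per-session syslog option.

```conf
# /etc/services -- one added entry so inetd can bind the second port.
# Port and service name are assumptions for this example.
ftp-local       2121/tcp        # FreeBSD ftpd for local accounts, via tcpd

# /etc/inetd.conf
# Port 21: anonymous-only daemon, reachable by everyone. Install path and
# argument list are assumptions; use what anonftpd's own documentation says.
ftp        stream  tcp  nowait  root  /usr/local/libexec/anonftpd  anonftpd

# Port 2121: the stock FreeBSD ftpd started through tcpd so that
# hosts.allow / hosts.deny are consulted before the daemon runs.
# tcpd's path is an assumption (tcp_wrappers was a port at the time).
# Giving tcpd an absolute path as the first argument makes it exec that
# binary directly, and access-control entries match on its basename "ftpd".
ftp-local  stream  tcp  nowait  root  /usr/local/sbin/tcpd  /usr/libexec/ftpd -l

# /etc/hosts.allow -- 192.0.2. is a placeholder prefix; a trailing dot
# matches every address in that network.
ftpd: 192.0.2.

# /etc/hosts.deny -- everyone else gets the door closed on the local-user ftpd.
ftpd: ALL
```

After editing, send inetd a HUP so it rereads inetd.conf, and check the wrapper rules with the tcp_wrappers tools rather than by trial login: `tcpdchk` reports syntax and daemon-name mismatches in hosts.allow/hosts.deny, and `tcpdmatch ftpd 192.0.2.10` (or an address outside the prefix) shows which rule would fire for a given client. Nothing here stops anonymous users from also trying port 2121; the hosts.deny line is what keeps the local-user daemon off the open Internet.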