Date: Thu, 20 Dec 2001 22:19:13 -0800 (PST) From: Tony Lynn <wing@cert.org.tw> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/33049: proftpd file permission error. Message-ID: <200112210619.fBL6JDH63192@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 33049 >Category: ports >Synopsis: proftpd file permission error. >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Dec 20 22:20:00 PST 2001 >Closed-Date: >Last-Modified: >Originator: Tony Lynn >Release: 4.4-STABLE >Organization: TW-CERT >Environment: FreeBSD xxxxxx.xxxx.xxx.xx 4.4-STABLE FreeBSD 4.4-STABLE #3: Wed Dec 12 09:21:04 CST 2001 root@xxxxxx.xxxx.xxx.xx:/usr/obj/usr/src/sys/camera i386 ftp localhost Connected to localhost. 220 ProFTPD 1.2.4 Server >Description: ftpwho need the permission to read /var/run/proftpd/proftpd-[pid] file. With default install, the file permission will be set to 400. Thus only root can get access to this file, and only those who has root access to the machine can submit ftpwho command and see current user. The file permission should change to 444 in order to make normal user able to get stastical information. >How-To-Repeat: submit ftpwho request >Fix: change the default file permission to 444. or, suid ftpwho(not recommended). >Release-Note: >Audit-Trail: >Unformatted: >ftpwho To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112210619.fBL6JDH63192>