From owner-freebsd-bugs Tue Jun 9 12:40:15 1998
Message-Id: <199806091935.PAA10693@germanium.xtalwind.net>
Date: Tue, 9 Jun 1998 15:35:41 -0400 (EDT)
From: jack@germanium.xtalwind.net
Reply-To: jack@germanium.xtalwind.net
To: FreeBSD-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: 3.2
Subject: misc/6901: Ftpd allows access to only one directory tree for anonymous users
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Number: 6901
>Category: misc
>Synopsis: Ftpd allows access to only one directory tree for anonymous users
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Jun 9 12:40:00 PDT 1998
>Last-Modified:
>Originator:
>Organization:
>Release: FreeBSD 2.2.6-RELEASE i386
>Environment:
>Description:
User names `anonymous' and `ftp' logging into virtual hosts are chrooted to the same directory tree as users anonymously logging into the host machine.
>How-To-Repeat: Set up virtual FTP hosting and log into a virtual host as anonymous or ftp. >Fix: Allow a `home' directory for virtual hosts to be specified in /etc/ftphosts *** ftpd.c.orig Wed Dec 24 14:13:47 1997 --- ftpd.c Tue Jun 9 10:40:13 1998 *************** *** 163,168 **** --- 163,169 ---- char *statfile; char *welcome; char *loginmsg; + char *chrootdir; } *thishost, *firsthost; #endif *************** *** 651,657 **** hrp->hostname = strdup(cp); /* ok, now we now peel off the rest */ i = 0; ! while (i < 4 && (cp = strtok(NULL, " \t")) != NULL) { if (*cp != '-' && (cp = strdup(cp)) != NULL) { switch (i) { case 0: /* anon user permissions */ --- 652,658 ---- hrp->hostname = strdup(cp); /* ok, now we now peel off the rest */ i = 0; ! while (i < 5 && (cp = strtok(NULL, " \t")) != NULL) { if (*cp != '-' && (cp = strdup(cp)) != NULL) { switch (i) { case 0: /* anon user permissions */ *************** *** 666,671 **** --- 667,675 ---- case 3: /* login message */ hrp->loginmsg = cp; break; + case 4: /* virtual host ftp directory */ + hrp->chrootdir = cp; + break; } } ++i; *************** *** 781,787 **** checkuser(_PATH_FTPUSERS, "anonymous")) reply(530, "User %s access denied.", name); #ifdef VIRTUAL_HOSTING ! else if ((pw = sgetpwnam(thishost->anonuser)) != NULL) { #else else if ((pw = sgetpwnam("ftp")) != NULL) { #endif --- 785,792 ---- checkuser(_PATH_FTPUSERS, "anonymous")) reply(530, "User %s access denied.", name); #ifdef VIRTUAL_HOSTING ! else if (((pw = sgetpwnam(thishost->anonuser)) != NULL) ! || strcmp(name, "ftp") == 0) { #else else if ((pw = sgetpwnam("ftp")) != NULL) { #endif *************** *** 1016,1022 **** * the old current directory will be accessible as "." * outside the new root! */ ! if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) { reply(550, "Can't set guest privileges."); goto bad; } --- 1021,1028 ---- * the old current directory will be accessible as "." * outside the new root! */ ! if (chroot(thishost->chrootdir ? 
thishost->chrootdir : pw->pw_dir) < 0 ! || chdir("/") < 0) { reply(550, "Can't set guest privileges."); goto bad; } *** ftpd.8.orig Thu Mar 5 07:24:20 1998 --- ftpd.8 Tue Jun 9 10:40:33 1998 *************** *** 375,382 **** Contains a user record in the system password file. As with normal anonymous ftp, this user's access uid, gid and group memberships determine file access to the anonymous ftp area. ! The anonymous ftp area (to which any user is chrooted on login) is determined by the home directory defined for the account. User id and group for any ftp account may be the same as for the standard ftp user. .It statfile --- 375,384 ---- Contains a user record in the system password file. As with normal anonymous ftp, this user's access uid, gid and group memberships determine file access to the anonymous ftp area. ! The anonymous ftp area (to which this user is chrooted on login) is determined by the home directory defined for the account. + Anonymous or ftp logins are chrooted to the directory specified by + rootdir. User id and group for any ftp account may be the same as for the standard ftp user. .It statfile *************** *** 392,402 **** This file is displayed after the user logs in. It defaults to .Pa /etc/ftpmotd . .El .Pp Defining a virtual host for the primary IP address or hostname changes the default for ftp logins to that address. ! The 'user', 'statfile', 'welcome' and 'motd' fields may be left blank, or a single hypen '-' used to indicate that the default value is to be used. .Pp --- 394,408 ---- This file is displayed after the user logs in. It defaults to .Pa /etc/ftpmotd . + .It rootdir + Chroot directory for anonymous or ftp logins to this host. + It defaults to + .Pa ~/ftp . .El .Pp Defining a virtual host for the primary IP address or hostname changes the default for ftp logins to that address. ! 
The 'user', 'statfile', 'welcome', 'motd' and 'rootdir' fields may be left blank, or a single hypen '-' used to indicate that the default value is to be used. .Pp >Audit-Trail: >Unformatted:
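
Review bot: In the field-parsing switch in ftpd.c, `case 4` is the only place `hrp->chrootdir` is assigned, so an ftphosts entry with fewer than five fields, or with `-` in the fifth, leaves the member holding whatever the allocation contained. The later test `thishost->chrootdir ? thishost->chrootdir : pw->pw_dir` depends on it being NULL in that case. Set `hrp->chrootdir = NULL` wherever the other per-host fields receive their defaults, and do the same for the default host record, unless the structure is already zeroed when it is allocated (not visible in this patch).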
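
Review bot: In the VIRTUAL_HOSTING condition of the anonymous-login branch, the added `|| strcmp(name, "ftp") == 0` lets the branch succeed when `sgetpwnam(thishost->anonuser)` returns NULL, so a login as `ftp` proceeds with `pw == NULL`. The chroot hunk further down still falls back to `pw->pw_dir` when no `chrootdir` is configured, which would dereference that NULL pointer. The clause also covers `ftp` but not `anonymous`, although the surrounding `checkuser()` test treats the two names alike. Keep the password lookup mandatory by dropping the `||` clause, or look up a fallback account explicitly and answer with the 530 reply if that lookup fails too.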
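
Review bot: In the guest chroot call, `thishost->chrootdir` reaches `chroot()` exactly as it was read from the ftphosts field; the only screening visible in the parser is `*cp != '-'`. A relative path would be resolved against whatever the daemon's working directory is at that moment, and a mistyped entry only surfaces as the generic 550 "Can't set guest privileges." reply at login. Reject values that do not start with `/` when the file is read and log the offending entry, so a configuration mistake is reported to the administrator instead of changing where anonymous users are confined.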
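
Review bot: In the new `.It rootdir` entry of ftpd.8, the stated default `~/ftp` does not match the code: when the field is absent, ftpd.c falls back to `pw->pw_dir`, the home directory of the host's anonymous user. Document the default as that account's home directory. The naming also differs across the three places it appears (`home` in the PR text, `rootdir` in the manual, `chrootdir` in the struct); settling on one would make the manual easier to match against the source.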