Date: Sun, 31 Dec 2000 20:00:47 -0600 (CST) From: James Wyatt <jwyatt@rwsystems.net> To: opentrax@email.com Cc: fschapachnik@vianetworks.com.ar, kris@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: Proposed modification to ftpd Message-ID: <Pine.BSF.4.10.10012311917570.88578-100000@bsdie.rwsystems.net> In-Reply-To: <200012312351.PAA01718@spammie.svbug.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 31 Dec 2000 opentrax@email.com wrote: > On 29 Dec, Fernando Schapachnik wrote: > > En un mensaje anterior, Kris Kennaway escribi=F3: > > -- Start of PGP signed section. > >> On Fri, Dec 29, 2000 at 01:29:45PM -0300, Fernando Schapachnik wrote: > >> > Hello: > >> > =09I just submitted PR bin/23944, which contains a patch against > >> > 4.2R ftpd to add the following funcionality to chrooted users: The > >> > user's home dir is splitted by the first '/./'. The first part is > >> > used to chroot, and the second to chdir (eg, > >> > '/usr/local/www/data/site/./htdocs', means chroot to > >> > /usr/local/www/data/site, and then chdir to htdocs). > >>=20 > >> Ugh, that's ugly syntax. > >=20 > > Maybe, but that's how wu-ftpd does it. The objetive is to simplify > > migration from it. Anyway, this is a feature that stock FreeBSD ftpd > > does not have and is very usefull if you are doing virtual hosting. > >=20 > Adding a feature is not always a good thing. > As I recall, Wu-ftp is one of those buggy version of ftpd. > If people want this feature that wu-ftp has, then they > should use wu-ftp. Adding this, and possibly bugs, to > ftp does not make sense. Did I miss something? Adding *any* feature can possibly add bugs, right? I don't see where adding the wu-ftpd login-dir syntax would add "wu-ftpd style bugs". We aren't using their source, right? They do not have the tools like snprintf() and friends that we can use to get this right. FWIW, I run both FreeBSD and wu-ftpd FTP servers and would *really* like to see the above feature included. While I agree the syntax is a hack, it and things like internal-ls reduce the reliance of the FreeBSD community upon wu-ftpd and improve our lot. Fewer cracked FreeBSD systems is good. -- James Wyatt, R/WSystems, We are but patterns in the entropy of the cosmos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10012311917570.88578-100000>