From owner-freebsd-security Sun Dec 31 18: 2:55 2000 From owner-freebsd-security@FreeBSD.ORG Sun Dec 31 18:02:53 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2]) by hub.freebsd.org (Postfix) with ESMTP id 63DF437B400; Sun, 31 Dec 2000 18:02:53 -0800 (PST) Received: from bsdie.rwsystems.net([209.197.223.2]) (2531 bytes) by bsdie.rwsystems.net via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Sun, 31 Dec 2000 20:00:48 -0600 (CST) (Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25) Date: Sun, 31 Dec 2000 20:00:47 -0600 (CST) From: James Wyatt To: opentrax@email.com Cc: fschapachnik@vianetworks.com.ar, kris@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: Proposed modification to ftpd In-Reply-To: <200012312351.PAA01718@spammie.svbug.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 31 Dec 2000 opentrax@email.com wrote: > On 29 Dec, Fernando Schapachnik wrote: > > En un mensaje anterior, Kris Kennaway escribi=F3: > > -- Start of PGP signed section. > >> On Fri, Dec 29, 2000 at 01:29:45PM -0300, Fernando Schapachnik wrote: > >> > Hello: > >> > =09I just submitted PR bin/23944, which contains a patch against > >> > 4.2R ftpd to add the following funcionality to chrooted users: The > >> > user's home dir is splitted by the first '/./'. The first part is > >> > used to chroot, and the second to chdir (eg, > >> > '/usr/local/www/data/site/./htdocs', means chroot to > >> > /usr/local/www/data/site, and then chdir to htdocs). > >>=20 > >> Ugh, that's ugly syntax. > >=20 > > Maybe, but that's how wu-ftpd does it. The objetive is to simplify > > migration from it. Anyway, this is a feature that stock FreeBSD ftpd > > does not have and is very usefull if you are doing virtual hosting. > >=20 > Adding a feature is not always a good thing. > As I recall, Wu-ftp is one of those buggy version of ftpd. > If people want this feature that wu-ftp has, then they > should use wu-ftp. Adding this, and possibly bugs, to > ftp does not make sense. Did I miss something? Adding *any* feature can possibly add bugs, right? I don't see where adding the wu-ftpd login-dir syntax would add "wu-ftpd style bugs". We aren't using their source, right? They do not have the tools like snprintf() and friends that we can use to get this right. FWIW, I run both FreeBSD and wu-ftpd FTP servers and would *really* like to see the above feature included. While I agree the syntax is a hack, it and things like internal-ls reduce the reliance of the FreeBSD community upon wu-ftpd and improve our lot. Fewer cracked FreeBSD systems is good. -- James Wyatt, R/WSystems, We are but patterns in the entropy of the cosmos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message