From owner-freebsd-audit Thu Jan 4 5:52:13 2001 From owner-freebsd-audit@FreeBSD.ORG Thu Jan 4 05:52:02 2001 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from ns1.via-net-works.net.ar (ns1.via-net-works.net.ar [200.10.100.10]) by hub.freebsd.org (Postfix) with ESMTP id 5791337B400; Thu, 4 Jan 2001 05:52:00 -0800 (PST) Received: (from fpscha@localhost) by ns1.via-net-works.net.ar (8.9.3/8.9.3) id KAA96373; Thu, 4 Jan 2001 10:51:52 -0300 (ART) From: Fernando Schapachnik Message-Id: <200101041351.KAA96373@ns1.via-net-works.net.ar> Subject: Re: bin/23944: Proposed modification to ftpd In-Reply-To: <3A536F7C.71DA4C2E@colltech.com> "from Daniel Hagan at Jan 3, 2001 01:29:16 pm" To: Daniel Hagan Date: Thu, 4 Jan 2001 10:51:52 -0300 (ART) Cc: Fernando Schapachnik , Warner Losh , Roman Shterenzon , audit@FreeBSD.ORG, freebsd-bugs@FreeBSD.ORG, greid@dogma.freebsd-uk.eu.org Reply-To: Fernando Schapachnik X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=ELM978616312-93709-0_ Content-Transfer-Encoding: 8bit Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --ELM978616312-93709-0_ Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=ISO-8859-1 En un mensaje anterior, Daniel Hagan escribió: > I've been poking around GNATS today, and I noticed misc/24034, a > semi-related patch. If this (bin/23944) gets committed, someone needs > to update the code from 24034 as well. The patch I'm attaching contains a reworked version of my original patch and a fix for misc/24034 under the new scenario. The only problem is they are against 4.2-RELEASE, and thus ftpcmd.y 1.16.2.1 (I can't follow -stable at the moment). Anyway, from what cvsweb reveals, there shouldn't be any trouble making it fit in the current version. Regards. Fernando P. Schapachnik Administración de la red VIA NET.WORKS ARGENTINA S.A. fschapachnik@vianetworks.com.ar Conmutador: (54-11) 4323-3333 - Soporte: 0810-333-AYUDA --ELM978616312-93709-0_ Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=ISO-8859-1 Content-Disposition: attachment; filename=ftpd.patch --- ftpd.c.orig Mon Oct 23 17:57:54 2000 +++ ftpd.c Thu Jan 4 10:27:39 2001 @@ -139,6 +139,7 @@ int anon_only = 0; /* Only anonymous ftp allowed */ int guest; int dochroot; +char *cd_dir, *chroot_dir; int stats; int statfd = -1; int type; @@ -185,6 +186,9 @@ char *pid_file = NULL; +/* WARNING: FTP_CHROOT_SEPARATOR *MUST* end in / */ +#define FTP_CHROOT_SEPARATOR "/./" + /* * Timeout intervals for retrying connections * to hosts that don't accept PORT cmds. This @@ -248,6 +252,7 @@ static char *sgetsave __P((char *)); static void reapchild __P((int)); static void logxfer __P((char *, long, long)); +static void get_chroot_and_cd_dirs __P((char *, char **, char **)); static char * curdir() @@ -1027,6 +1032,8 @@ logged_in = 0; guest = 0; dochroot = 0; + free(chroot_dir); + free(cd_dir); } #if !defined(NOPAM) @@ -1291,10 +1298,13 @@ goto bad; } } else if (dochroot) { - if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) { + get_chroot_and_cd_dirs(pw->pw_dir, &chroot_dir, &cd_dir); + if (chroot(chroot_dir) < 0 || chdir(cd_dir) < 0) { reply(550, "Can't change root."); goto bad; } + free(chroot_dir); + free(cd_dir); } else if (chdir(pw->pw_dir) < 0) { if (chdir("/") < 0) { reply(530, "User %s: can't change directory to %s.", @@ -2789,5 +2799,50 @@ ctime(&now)+4, ident, remotehost, path, name, size, now - start + (now == start)); write(statfd, buf, strlen(buf)); + } +} + +/* + * Make a pointer to the chroot dir and another to the cd dir. + * The first is all the path up to the first FTP_CHROOT_SEPARATOR. + * The later is the remaining chars, not including the FTP_CHROOT_SEPARATOR, + * but prepending a '/', if FTP_CHROOT_SEPARATOR is found. + * Otherwise, return user_home_dir as chroot_dir and "/" as cd_dir. + */ +static void +get_chroot_and_cd_dirs(user_home_dir, chroot_dir, cd_dir) + char *user_home_dir; + char **chroot_dir; + char **cd_dir; +{ + char *p; + + /* Make a pointer to first character of string FTP_CHROOT_SEPARATOR + inside user_home_dir. */ + p = (char *) strstr(user_home_dir, FTP_CHROOT_SEPARATOR); + if (p == NULL) { + /* + * There is not FTP_CHROOT_SEPARATOR string inside + * user_home_dir. Return user_home_dir as chroot_dir, + * and "/" as cd_dir. + */ + if ((*chroot_dir = (char *) strdup(user_home_dir)) == NULL) + fatal("Ran out of memory."); + if ((*cd_dir = (char *) strdup("/")) == NULL) + fatal("Ran out of memory."); + } else { + /* + * Use strlen(user_home_dir) as maximun length for + * both cd_dir and chroot_dir, as both are substrings of + * user_home_dir. + */ + if ((*chroot_dir = malloc(strlen(user_home_dir))) == NULL) + fatal("Ran out of memory."); + if ((*cd_dir = malloc(strlen(user_home_dir))) == NULL) + fatal("Ran out of memory."); + (void) strncpy(*chroot_dir, user_home_dir, p-user_home_dir); + /* Skip FTP_CHROOT_SEPARATOR (except the last /). */ + p += strlen(FTP_CHROOT_SEPARATOR)-1; + (void) strncpy(*cd_dir, p, strlen(p)); } } --- ftpcmd.y.orig Thu Jan 4 09:52:32 2001 +++ ftpcmd.y Thu Jan 4 10:30:40 2001 @@ -90,6 +90,8 @@ extern int usedefault; extern int transflag; extern char tmpline[]; +extern int dochroot; +extern char *cd_dir, *chroot_dir; off_t restart_point; @@ -500,8 +502,14 @@ } | CWD check_login CRLF { - if ($2) - cwd(pw->pw_dir); + if ($2) { + if (guest) + cwd("/"); + else if (dochroot) { + cwd(cd_dir); + } else + cwd(pw->pw_dir); + } } | CWD check_login SP pathname CRLF { --- ftpd.8.orig Fri Dec 29 12:53:21 2000 +++ ftpd.8 Fri Dec 29 12:55:51 2000 @@ -298,13 +298,14 @@ or the user is a member of a group with a group entry in this file, i.e. one prefixed with .Ql \&@ , -the session's root will be changed to the user's login directory by +the session's root will be changed to the user's login directory (up to the first /./) by .Xr chroot 2 as for an .Dq anonymous or .Dq ftp account (see next item). +The user is placed into the directory that remainds after stripping the former from the user's login directory. This facility may also be triggered by enabling the boolean "ftp-chroot" capability in .Xr login.conf 5 . --ELM978616312-93709-0_-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message