Date: Tue, 23 Apr 2002 23:10:48 -0400 (EDT) From: Garrett Wollman <wollman@lcs.mit.edu> To: Mikko Tyolajarvi <mikko@dynas.se> Cc: security@FreeBSD.ORG Subject: Re: segfault in ftpd Message-ID: <200204240310.g3O3Amd04898@khavrinen.lcs.mit.edu> In-Reply-To: <200204240253.g3O2rrM33014@mikko.rsa.com> References: <20020423225805.Q93786-100000@titanic.medinet.si> <200204240253.g3O2rrM33014@mikko.rsa.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Tue, 23 Apr 2002 19:53:53 -0700 (PDT), Mikko Tyolajarvi <mikko@dynas.se> said: > makes it such a security problem in the first place -- how often do > you _really_ need to change user in the middle of an ftp session? > It should just switch uid and be done with it, IMHO). Unfortunately, the people who designed the FTP protocol did not consider the notion of `privileged ports'. As a result, an active-mode FTP connection is required to originate from <control.channel.ip.address, 20>, which means that for every active-mode FTP operation, the FTP server must be able to bind to a privileged port. An implementation of capabilities would obviate this problem: ftp could change its context entirely to that of the client, except leaving the `can bind low ports' bit on, and still be able to accomplish what it needs to do. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204240310.g3O3Amd04898>