From owner-freebsd-security Sat Jan 13 9:31:14 2001 Delivered-To: freebsd-security@freebsd.org Received: from pps.de (mail.pps.de [217.13.200.134]) by hub.freebsd.org (Postfix) with ESMTP id 4B37E37B402 for ; Sat, 13 Jan 2001 09:30:56 -0800 (PST) Received: from jung7.pps.de (jung7.pps.de [192.9.200.17]) by pps.de (8.9.3/8.9.3) with ESMTP id SAA90973 for ; Sat, 13 Jan 2001 18:48:55 +0100 (CET) (envelope-from petros@pps.de) Received: from feder.pps.de by jung7.pps.de (8.9.3+Sun/ZRZ-Sol2) id SAA15552; Sat, 13 Jan 2001 18:27:25 +0100 (MET) Received: from feder by feder.pps.de (8.9.3+Sun/ZRZ-Sol2) id SAA23176; Sat, 13 Jan 2001 18:27:27 +0100 (MET) Message-Id: <200101131727.SAA23176@feder.pps.de> Date: Sat, 13 Jan 2001 18:27:27 +0100 (MET) From: Peter Ross Reply-To: Peter Ross Subject: Re: Proposed modification to ftpd To: security@freebsd.org MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: U8zBI5ZOm3DhedzFvep42A== X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.3.5 SunOS 5.7 sun4u sparc Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, next week I have to change a ftp server. I read the thread starting with the message from Fernando Schapachnik on Fri, 29 Dec 2000 13:29:45 -0300 (ART) > I just submitted PR bin/23944, which contains a patch against > 4.2R ftpd to add the following funcionality to chrooted users: The > user's home dir is splitted by the first '/./'. The first part is > used to chroot, and the second to chdir (eg, > '/usr/local/www/data/site/./htdocs', means chroot to > /usr/local/www/data/site, and then chdir to htdocs). > > The reason I consider it (some how) security related is that > it is meant to simplify migration from (usually > remote-root-exploitable) wu-ftpd, which uses the same sintax. I want to migrate (for security reasons). I wish that the user doesn't see /etc or /bin after login, because some of them using scripts to receive data. These scripts could have instructions like "mput *". There are more then one or two users and I don't like monday telephon calls "It doesn't work". Some users are confused by smallest changes.. I created a home directory owned by the FTP account and used /etc/ftpchroot. Fortunately ls is integrated part of ftpd - no bin directory necessary. Also there's no etc. According to the man page I only see uids (no names because there is no passwd database) but I think that isn't a problem. This moment I can't see other problems. It seems to work. ftpd(8) > ~ftp Make the home directory owned by ``root'' and unwritable > by anyone. Hmmh. Now the home directory is 775 (a different user with a same gid moves the files in our network or from it) Would you prefer my way to migrate wu-ftpd -> ftpd rather than implement the "*/./*" syntax? Any risks? Regards Peter Ross To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message