Date: Sat, 19 Jan 2002 12:46:03 -0800 (PST)
From: Julian Elischer
To: Aaron Smith
Cc: freebsd-hackers@freebsd.org
Subject: Re: ftpd patch that saves me a lot of hassle
In-Reply-To: <20020119122812.E909@gelatinous.com>

if you make your incoming Write-only then they will have little point in putting stuff there.. We do this, in several places, and have a script move the incoming stuff elsewhere at regular intervals too.

(not that I disagree with your patch but I often mode 'dot files' e.g. .cshrc, or even CVS "#" files

On Sat, 19 Jan 2002, Aaron Smith wrote:

> I got sick of (presumably) warez people probing my anonymous ftp site and
> dropping all kinds of hard-to-delete trash in incoming, so I patched my
> ftpd to only allow directories to start with alphanumerics. There's
> probably a better solution, but this works for me so I figured I'd share.
>
> Combining this with a umask that doesn't allow reading uploaded files keeps
> things reasonably well in hand.
>
> --Aaron
>
>
> Index: ftpd.c > =================================================================== > RCS file: /usr/cvs/src/libexec/ftpd/ftpd.c,v > retrieving revision 1.62.2.15 > diff -u -r1.62.2.15 ftpd.c > --- ftpd.c 2001/12/18 18:35:55 1.62.2.15 > +++ ftpd.c 2002/01/19 09:47:42 > @@ -2216,6 +2216,12 @@ > { > > LOGCMD("mkdir", name); > + > + if (!isalnum(*name)) { > + reply(521, "Bite me."); > + return; > + } > + > if (mkdir(name, 0777) < 0) > perror_reply(550, name); > else
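Review bot: the added test isalnum(*name) looks only at the first byte of the whole argument, not at the first byte of the directory being created. When name carries a leading path component, the final component is never examined, and when name is an absolute path the request is always refused because '/' is not alphanumeric. Apply the test to the character after the last '/' (for example via strrchr(name, '/')), falling back to name itself when there is no slash. Two smaller points in the same hunk: cast the argument to unsigned char before calling isalnum(), since passing a plain char with the high bit set is undefined behaviour, and consider a 550 reply with a descriptive message instead of reply(521, "Bite me."), to match the perror_reply(550, name) on the failure path just below.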