From owner-freebsd-stable Thu Aug 6 15:13:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA19300 for freebsd-stable-outgoing; Thu, 6 Aug 1998 15:13:37 -0700 (PDT) (envelope-from owner-freebsd-stable@FreeBSD.ORG) Received: from lionking.org (blacker-99.caltech.edu [131.215.86.99]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA19294 for ; Thu, 6 Aug 1998 15:13:36 -0700 (PDT) (envelope-from btman@ugcs.caltech.edu) Received: from localhost (btman@localhost) by lionking.org (8.9.1/8.9.1) with SMTP id PAA29743 for ; Thu, 6 Aug 1998 15:13:22 -0700 (PDT) X-Authentication-Warning: lionking.org: btman owned process doing -bs Date: Thu, 6 Aug 1998 15:13:21 -0700 (PDT) From: Brian Tiemann X-Sender: btman@lionking.org To: freebsd-stable@FreeBSD.ORG Subject: Re: [proftpd-l] New ProFTPd user - Security, Incoming and pwd.db? (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Forwarded from the proftpd mailing list. Just to make sure this is out in the open and people know about it... Brian ---------- Forwarded message ---------- Date: Thu, 6 Aug 1998 17:50:08 -0400 From: Floody Reply-To: proftpd-l@evcom.net To: Karl Pielorz Cc: proftpd-l@evcom.net Subject: Re: [proftpd-l] New ProFTPd user - Security, Incoming and pwd.db? On Thu, Aug 06, 1998 at 04:10:28PM +0100, Karl Pielorz wrote: > Floody wrote: > > > I'm not sure why this happens (on FreeBSD only). I don't have a free box > > that I can run root on. Does this happen ONLY for anonymous (or other > > chroot()ed logins)? When _exactly_ does it occur? > > It occurs once, and only once when inetd fires up proftpd... > > "Aug 6 10:49:18 caladan proftpd[15835]: /etc/pwd.db: No such file or directory" > > I thought it would happen if the process has chroot'd itself - i.e. it can't get > to the real '/etc/pwd.db' ;-) Ok. I put up a test FreeBSD 2.2.7 system. There appears to be a libc problem with the setpassent() function, which doesn't work on FreeBSD as documented in the man pages (or on any other BSD). This is the heart of the problem. There is no workaround until libc is fixed. Sample code to demonstrate the problem, MUST be run as root: --TEAR HEAR-- #include #include #include #include int main() { setpassent(1); getpwent(); chroot("/usr"); chdir("/"); if(!getpwuid(0)) { printf("setpassent doesn't appear to work\n"); } else { if(!getpwuid(0)) printf("second getpwuid(0) didn't work\n"); else printf("setpassent works\n"); } return 0; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message