From owner-freebsd-security@FreeBSD.ORG Fri Dec 9 08:39:24 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BA8EB106564A for ; Fri, 9 Dec 2011 08:39:24 +0000 (UTC) (envelope-from egrosbein@rdtc.ru) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13::5]) by mx1.freebsd.org (Postfix) with ESMTP id 24D488FC0C for ; Fri, 9 Dec 2011 08:39:23 +0000 (UTC) Received: from eg.sd.rdtc.ru (localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.14.5/8.14.5) with ESMTP id pB98dK7B014234; Fri, 9 Dec 2011 15:39:20 +0700 (NOVT) (envelope-from egrosbein@rdtc.ru) Message-ID: <4EE1C933.4020001@rdtc.ru> Date: Fri, 09 Dec 2011 15:39:15 +0700 From: Eugene Grosbein User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; ru-RU; rv:1.9.2.13) Gecko/20110112 Thunderbird/3.1.7 MIME-Version: 1.0 To: Xin LI References: <4ED68B4D.4020004@sentex.net> <4ED69B7E.50505@frasunek.com> <4ED6C3C6.5030402@delphij.net> <4ED6D1CD.9080700@sentex.net> <4ED6D577.9010007@delphij.net> <4ED6DA75.30604@sentex.net> <4EE131B8.7040000@sentex.net> In-Reply-To: Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 09 Dec 2011 12:18:53 +0000 Cc: freebsd-security@freebsd.org, gabor@zahemszky.hu Subject: Re: ftpd security issue ? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Dec 2011 08:39:24 -0000 09.12.2011 15:25, Xin LI пишет: > On Fri, Dec 9, 2011 at 12:04 AM, wrote: >> Hi! >> >> Are the following steps enough to prevent me? >> >> # for user in user1 user2 .... ; do >> mkdir -p ~$user/lib ~$user/usr/lib ~$user/etc >> chflags sunlink,schg ~$user/lib ~$user/usr ~$user/usr/lib ~$user/etc >> done >> # > > Yes that should be sufficient workaround. Why /lib and /usr/lib only? Eugene Grosbein