Date: Wed, 3 Jan 2001 09:30:05 -0800 (PST) From: George Reid <greid@dogma.freebsd-uk.eu.org> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/24034: "CWD" discloses the full "real" path in a chroot environment (freebsd 4.2-stable aprox december 11th) (fwd) Message-ID: <200101031730.f03HU5U87153@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/24034; it has been noted by GNATS. From: George Reid <greid@ukug.uk.freebsd.org> To: FreeBSD-gnats-submit@freebsd.org Cc: Subject: Re: misc/24034: "CWD" discloses the full "real" path in a chroot environment (freebsd 4.2-stable aprox december 11th) (fwd) Date: Wed, 3 Jan 2001 17:28:24 +0000 (GMT) [Reposted s/t tracked by GNATS] This patch fixes: Index: ftpcmd.y =================================================================== RCS file: /usr/cvs/src/libexec/ftpd/ftpcmd.y,v retrieving revision 1.19 diff -u -r1.19 ftpcmd.y --- ftpcmd.y 2000/12/16 19:19:19 1.19 +++ ftpcmd.y 2001/01/03 03:52:35 @@ -76,6 +76,7 @@ extern int logged_in; extern struct passwd *pw; extern int guest; +extern int dochroot; extern int paranoid; extern int logging; extern int type; @@ -505,7 +506,7 @@ | CWD check_login CRLF { if ($2) { - if (guest) + if (guest || dochroot) cwd("/"); else cwd(pw->pw_dir); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101031730.f03HU5U87153>