Date: Wed, 3 Jan 2001 09:30:05 -0800 (PST) From: George Reid <greid@dogma.freebsd-uk.eu.org> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/24034: "CWD" discloses the full "real" path in a chroot environment (freebsd 4.2-stable aprox december 11th) (fwd) Message-ID: <200101031730.f03HU5U87153@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/24034; it has been noted by GNATS.
From: George Reid <greid@ukug.uk.freebsd.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Re: misc/24034: "CWD" discloses the full "real" path in a chroot
environment (freebsd 4.2-stable aprox december 11th) (fwd)
Date: Wed, 3 Jan 2001 17:28:24 +0000 (GMT)
[Reposted s/t tracked by GNATS]
This patch fixes:
Index: ftpcmd.y
===================================================================
RCS file: /usr/cvs/src/libexec/ftpd/ftpcmd.y,v
retrieving revision 1.19
diff -u -r1.19 ftpcmd.y
--- ftpcmd.y 2000/12/16 19:19:19 1.19
+++ ftpcmd.y 2001/01/03 03:52:35
@@ -76,6 +76,7 @@
extern int logged_in;
extern struct passwd *pw;
extern int guest;
+extern int dochroot;
extern int paranoid;
extern int logging;
extern int type;
@@ -505,7 +506,7 @@
| CWD check_login CRLF
{
if ($2) {
- if (guest)
+ if (guest || dochroot)
cwd("/");
else
cwd(pw->pw_dir);
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101031730.f03HU5U87153>