From: Glen Foster
Date: Sat, 9 Jun 2001 13:18:19 -0400
To: security@freebsd.org
Subject: Q: suiddir on ~ftp/incoming?

Standard ftpd on a not-so-old 4.3-S. With the less-than-sterling record of more featureful FTP servers, I'd like to find a way to stick with old faithful.

Is it a bad idea to make a directory, ~ftp/incoming, with perms=5333, on an anonymous FTP server as a "dropbox" for uploading? No untrusted shell accounts on the machine in question.

As most who try to provide drop boxes discover, warez d00dz quickly find them and manage to fill them up with bit strings that, according to some, are worth billions of dollars each and every year. They do this by the mechanism of creating a directory that is owned by "ftp," with which and in they can play their little games at will.

The intention is, by enforcing suiddir, the directories and files they create won't be listable, thus removing much of the raison d'etre for their creation. Of course, the "filler" will still be able to write, fill up the disk, etc. but the hordes who follow after will be dissuaded and not consume all your mbufs with their requests.
Anybody done this? Results over time? Yes, it is a form of STO easily defeated by miscreants keeping a directory of uploaded files and sharing it with customers. But, in practice, is it worthwhile to do?

Any insight would be appreciated,

Glen Foster
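As an added illustration (not part of the original post), the following Python audits a drop box against the 5333 scheme asked about above and flags uploader-created subdirectories, the foothold the post describes. It assumes a POSIX host and only inspects mode bits and contents; it does not check whether the filesystem is actually mounted with suiddir, which is a FreeBSD mount option.

```python
import os
import stat
import tempfile

# Mode proposed in the post for ~ftp/incoming: setuid + sticky bits,
# write and execute but no read, for owner, group and other.
DROPBOX_MODE = 0o5333


def audit_dropbox(path):
    """Findings for an anonymous-FTP drop box: mode checked against the
    5333 scheme, plus any subdirectories (the foothold the post describes)."""
    mode = stat.S_IMODE(os.lstat(path).st_mode)
    findings = []
    if mode & (stat.S_IRUSR | stat.S_IRGRP | stat.S_IROTH):
        findings.append("readable: uploads can be listed")
    if (mode & 0o003) != 0o003:  # "other" needs w+x to create files
        findings.append("anonymous users cannot create files here")
    if not mode & stat.S_ISVTX:
        findings.append("sticky bit missing: uploaders can delete each other's files")
    if not mode & stat.S_ISUID:
        findings.append("setuid bit missing: suiddir has no effect")
    try:
        for entry in os.scandir(path):
            if entry.is_dir(follow_symlinks=False):
                findings.append("subdirectory present: " + entry.name)
    except PermissionError:
        # Without root a 5333 directory cannot be read: this is the
        # unlistable behaviour the post is after, not an error.
        findings.append("contents not listable by this user")
    return findings


def demo():
    """Constructed scenario: a 1777 drop box holding a stray subdirectory,
    then the same directory re-set to 5333."""
    root = tempfile.mkdtemp()
    box = os.path.join(root, "incoming")
    os.mkdir(box)
    os.chmod(box, 0o1777)
    os.mkdir(os.path.join(box, "stash"))  # what an uploader leaves behind
    weak = audit_dropbox(box)
    os.chmod(box, DROPBOX_MODE)
    fixed = audit_dropbox(box)
    os.chmod(box, 0o700)  # restore so cleanup can proceed
    os.rmdir(os.path.join(box, "stash"))
    os.rmdir(box)
    os.rmdir(root)
    return weak, fixed
```

Run as root the 5333 pass still enumerates and reports the stray subdirectory; as an unprivileged user it reports only that the contents are not listable, which is the behaviour the scheme is meant to produce.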