From owner-freebsd-bugs Fri Apr 7 7:10: 7 2000
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 0BA8637BBE6 for ; Fri, 7 Apr 2000 07:10:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id HAA50480; Fri, 7 Apr 2000 07:10:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org)
Received: from duke.cs.duke.edu (duke.cs.duke.edu [152.3.140.1]) by hub.freebsd.org (Postfix) with ESMTP id AFD8837B858 for ; Fri, 7 Apr 2000 07:08:17 -0700 (PDT) (envelope-from gallatin@cs.duke.edu)
Received: from grasshopper.cs.duke.edu (grasshopper.cs.duke.edu [152.3.145.30]) by duke.cs.duke.edu (8.9.3/8.9.3) with ESMTP id KAA08022 for ; Fri, 7 Apr 2000 10:08:10 -0400 (EDT)
Received: (from gallatin@localhost) by grasshopper.cs.duke.edu (8.9.3/8.9.1) id KAA33916; Fri, 7 Apr 2000 10:07:40 -0400 (EDT) (envelope-from gallatin@cs.duke.edu)
Message-Id: <200004071407.KAA33916@grasshopper.cs.duke.edu>
Date: Fri, 7 Apr 2000 10:07:40 -0400 (EDT)
From: Andrew Gallatin
Reply-To: gallatin@cs.duke.edu
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: bin/17843: ftpd fails to set cwd with mode 700 NFS mounted home dirs
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Number: 17843
>Category: bin
>Synopsis: ftpd fails to set cwd with mode 700 NFS mounted home dirs
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Apr 7 07:10:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Andrew Gallatin
>Release: FreeBSD 4.0-RELEASE i386
>Organization:
>Environment:

NFS mounted home directories, server mapping 0 to something other than 0

>Description:

ftpd will currently fail to set the CWD when logging in if a user's home directory is mode 700 & it is mounted over NFS & the NFS server is not mapping root to 0

>How-To-Repeat:

ftp into such a setup. Eg:

% ftp 192.233.54.149
Connected to 192.233.54.149.
220 spe149.testdrive.compaq.com FTP server (Version 6.00LS) ready.
Name (192.233.54.149:gallatin): gallatin
331 Password required for gallatin.
Password:
230- No directory! Logging in with home=/
230 User gallatin logged in.
Remote system type is UNIX.
Using binary mode to transfer files.

>Fix:

Index: libexec/ftpd//ftpd.c =================================================================== RCS file: /home/ncvs/src/libexec/ftpd/ftpd.c,v retrieving revision 1.62 diff -u -r1.62 ftpd.c --- libexec/ftpd//ftpd.c 2000/02/10 19:51:30 1.62 +++ libexec/ftpd//ftpd.c 2000/04/07 13:55:40
@@ -1287,14 +1287,29 @@ goto bad; } } else if (chdir(pw->pw_dir) < 0) { - if (chdir("/") < 0) { - reply(530, "User %s: can't change directory to %s.", - pw->pw_name, pw->pw_dir); + /* + * We may have failed to chdir if the user's home + * directory is mounted over NFS & it is unreadable by + * this machines superuser (eg. mode x00) -- set the + * uid & try again. + */ + + if (seteuid((uid_t)pw->pw_uid) < 0) { + reply(550, "Can't set uid."); goto bad; - } else - lreply(230, "No directory! Logging in with home=/"); + } + + if (chdir(pw->pw_dir) < 0) { + if (chdir("/") < 0) { + reply(530, "User %s: can't change directory to %s.", + pw->pw_name, pw->pw_dir); + goto bad; + } else + lreply(230, "No directory! Logging in with home=/"); + } } - if (seteuid((uid_t)pw->pw_uid) < 0) { + if (((uid_t)pw->pw_uid != geteuid()) && + seteuid((uid_t)pw->pw_uid) < 0) { reply(550, "Can't set uid."); goto bad; } >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
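Review bot: the first `chdir(pw->pw_dir)` in the `else if` branch still runs with the daemon's effective uid and only the retry runs as the user, so the home directory is checked against two different identities depending on which attempt succeeds. Consider calling `seteuid((uid_t)pw->pw_uid)` before the first `chdir` in this branch rather than after it fails: that leaves one chdir attempt with the existing `chdir("/")` fallback, always evaluates access with the user's credentials, and removes the duplicated `reply(550, "Can't set uid.")` path, with the `geteuid()` comparison at the end kept only to skip the second call. The retry is also taken for every chdir failure, not just a permission error, which the new comment does not say; and the comment should read "this machine's superuser".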