From owner-svn-src-head@FreeBSD.ORG Thu Aug 19 14:36:46 2010 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6637F10656AE; Thu, 19 Aug 2010 14:36:46 +0000 (UTC) (envelope-from asmrookie@gmail.com) Received: from mail-qy0-f182.google.com (mail-qy0-f182.google.com [209.85.216.182]) by mx1.freebsd.org (Postfix) with ESMTP id A77B18FC14; Thu, 19 Aug 2010 14:36:45 +0000 (UTC) Received: by qyk4 with SMTP id 4so2146570qyk.13 for ; Thu, 19 Aug 2010 07:36:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=tiT1x8qcVSQKPEG8iODP4pM/kaJpIaRAgZrO9CBdn2s=; b=aicM4ayg34+VfMgHW41Z6HWl7oehTlLB/706jS7+5HOXur6B02hOZ5zDB4QvTHtKqP 0fesnZuqT5re1jtJv5maNoPT/uOlELOyPu8bDtzkXvFf8eLmojlWrLzQPSzRdJPRk9qC zGZCoVP/435rdCjsr3y4Xe4ZgTyDdeG675ZOw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=j3c9FslzMPCS/CAeGX1DeBAJtkY+jFXocrkpHmYUseEFSmTBhGuSAiVYR66xC3z11I p7deLpEGlvH029yB4baSTUZm7iKgWZm1G3wmi3ORDKgjxaJ++6LEeKDOaDHCYoBwA1gT qft9nXj/LJy0sSIYk/h3Znt7kdnvqUNXgB/B8= MIME-Version: 1.0 Received: by 10.229.219.70 with SMTP id ht6mr7375125qcb.105.1282228604820; Thu, 19 Aug 2010 07:36:44 -0700 (PDT) Sender: asmrookie@gmail.com Received: by 10.229.251.6 with HTTP; Thu, 19 Aug 2010 07:36:44 -0700 (PDT) In-Reply-To: <86bp924w3w.fsf@ds4.des.no> References: <201008161132.o7GBWKhx097183@svn.freebsd.org> <86mxsm4wff.fsf@ds4.des.no> <86bp924w3w.fsf@ds4.des.no> Date: Thu, 19 Aug 2010 16:36:44 +0200 X-Google-Sender-Auth: m6tz0U4rZuxo_o-cOaMjt6UqYK4 Message-ID: From: Attilio Rao To: =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r211393 - head/lib/libutil X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Aug 2010 14:36:46 -0000 2010/8/16 Dag-Erling Sm=C3=B8rgrav : > Dag-Erling Sm=C3=B8rgrav writes: >> Note that this commit semi-intentionally introduces another bug: in some >> cases, the user's limits will not be applied at all. =C2=A0This is by fa= r the >> lesser of two evils, and is easy (albeit time-consuming) to fix. > > Specifically, each of the files listed below needs to be audited. =C2=A0T= hose > that already call setusercontext() with the LOGIN_SETUSER flag set are > fine. =C2=A0Those that don't need to do so either instead of or shortly a= fter > calling setuid(). [snip] > -- > libexec/ftpd/ftpd.c: =C2=A0 =C2=A0setusercontext(NULL, getpwuid(0), 0, > libexec/ftpd/ftpd.c- =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK| > libexec/ftpd/ftpd.c- =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 LOGIN_SETMAC); > -- > libexec/ftpd/ftpd.c: =C2=A0 =C2=A0setusercontext(lc, pw, 0, > libexec/ftpd/ftpd.c- =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0LOGIN_SETLO= GIN|LOGIN_SETGROUP|LOGIN_SETPRIORITY| > libexec/ftpd/ftpd.c- =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0LOGIN_SETRE= SOURCES|LOGIN_SETUMASK|LOGIN_SETMAC); It seems to me that ftpd doesn't need any change, do you agree? Thanks, Attilio --=20 Peace can only be achieved by understanding - A. Einstein