diff options
author | yar <yar@FreeBSD.org> | 2003-01-29 10:07:27 +0000 |
---|---|---|
committer | yar <yar@FreeBSD.org> | 2003-01-29 10:07:27 +0000 |
commit | e6e9500985f4f7ecfe47d94db27b2e1cb80f9f25 (patch) | |
tree | 8fde0f8caa19168edffd0451d6616eaaf5c4e9b3 /libexec/ftpd/ftpcmd.y | |
parent | d058571890b29a89c4d553f16608a810bfdcfe22 (diff) | |
download | FreeBSD-src-e6e9500985f4f7ecfe47d94db27b2e1cb80f9f25.zip FreeBSD-src-e6e9500985f4f7ecfe47d94db27b2e1cb80f9f25.tar.gz |
Give the code around chroot(2)/chdir(2) a major overhaul by
separating its part around chroot(2) from that around initial
chdir(2). This makes the below changes really easy.
Move seteuid(to user's uid) to before calling chdir(2). There are
two goals to achieve by that. First, NFS mounted home directories
with restrictive permissions become accessible (local superuser
can't access them if not mapped to uid 0 on the remote side
explicitly.) Second, all the permissions to the home directory
pathname components become effective; previously a user could be
carried to any local directory despite its permissions since the
chdir(2) was done with euid 0. This reduces possible impact from
FTP server misconfiguration, e.g., assigning a wrong home directory
to a user.
Implement the "/./" feature. Now a guest or user subject to chrooting
may have "/./" in his login directory, which separates his chroot
directory from his home directory inside the chrooted environment.
This works for ftpchroot(5) as well.
PR: bin/17843 bin/23944
Diffstat (limited to 'libexec/ftpd/ftpcmd.y')
-rw-r--r-- | libexec/ftpd/ftpcmd.y | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y index cb9f97f..261ffd0 100644 --- a/libexec/ftpd/ftpcmd.y +++ b/libexec/ftpd/ftpcmd.y @@ -78,6 +78,7 @@ extern union sockunion data_dest, his_addr; extern int logged_in; extern struct passwd *pw; extern int guest; +extern char *homedir; extern int paranoid; extern int logging; extern int type; @@ -535,10 +536,7 @@ cmd | CWD check_login CRLF { if ($2) { - if (guest) - cwd("/"); - else - cwd(pw->pw_dir); + cwd(homedir); } } | CWD check_login SP pathname CRLF |