author | yar <yar@FreeBSD.org> | 2004-02-07 14:54:30 +0000 |
---|---|---|
committer | yar <yar@FreeBSD.org> | 2004-02-07 14:54:30 +0000 |
commit | ec50e6c644e06308553de640364d9e2962b0e6dc (patch) | |
tree | c4b11a9d70ad968ef24b2caac534f85225569793 /libexec/ftpd | |
parent | b836e6309ff8ea036674f4e032106d850a180a0e (diff) | |
Deny attempts to rename a file from guest users if the policy
says they may not modify existing files through FTP.
Renaming a file is effectively a way to modify it.
For instance, if a malicious party is unable to delete or overwrite
a sensitive file, they can nevertheless rename it to a hidden name
and then upload a Trojan horse under the guise of the old file name.
Diffstat (limited to 'libexec/ftpd')
-rw-r--r-- | libexec/ftpd/ftpd.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 9976967..88774c9 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -2520,6 +2520,10 @@ renamefrom(char *name) { struct stat st; + if (guest && noguestmod) { + reply(550, "Operation not permitted"); + return (NULL); + } if (lstat(name, &st) < 0) { perror_reply(550, name); return ((char *)0); |
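Review bot: The new `guest && noguestmod` block at the top of renamefrom() has no comment saying why a rename counts as modifying an existing file. That rationale exists only in the commit message, so a one-line comment above the `if` would keep a later reader from treating the check as redundant. The added path also returns `(NULL)` while the unchanged lstat() failure path right below it returns `((char *)0)`; using one form for both would keep the function consistent. Placing the check ahead of lstat() is worth keeping, because a guest then gets the same 550 reply whether or not the name exists.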