Prevent leakage of information about anonymous user's homedir

via 'QUOTE CWD'. Reviewed by: des
author: danny <danny@FreeBSD.org> 2000-11-26 23:33:36 +0000
committer: danny <danny@FreeBSD.org> 2000-11-26 23:33:36 +0000
commit: 229c4409448cfa75f1fadf65bac9a37db2727cb4 (patch)
tree: 6a46d13951ffd219a86987f94bd7451d15e83590 /libexec
parent: c89ed74f61c5cce509dcd099d9900b840be4f2ab (diff)
download: FreeBSD-src-229c4409448cfa75f1fadf65bac9a37db2727cb4.zip
FreeBSD-src-229c4409448cfa75f1fadf65bac9a37db2727cb4.tar.gz
1 files changed, 6 insertions, 2 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y
index 9e34221..c30acef 100644
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@@ -500,8 +500,12 @@ cmd
 		}
 	| CWD check_login CRLF
 		{
-			if ($2)
-				cwd(pw->pw_dir);
+			if ($2) {
+				if (guest)
+					cwd("/");
+				else
+					cwd(pw->pw_dir);
+			}
 		}
 	| CWD check_login SP pathname CRLF
 		{
author	danny <danny@FreeBSD.org>	2000-11-26 23:33:36 +0000
committer	danny <danny@FreeBSD.org>	2000-11-26 23:33:36 +0000
commit	229c4409448cfa75f1fadf65bac9a37db2727cb4 (patch)
tree	6a46d13951ffd219a86987f94bd7451d15e83590 /libexec
parent	c89ed74f61c5cce509dcd099d9900b840be4f2ab (diff)
download	FreeBSD-src-229c4409448cfa75f1fadf65bac9a37db2727cb4.zip FreeBSD-src-229c4409448cfa75f1fadf65bac9a37db2727cb4.tar.gz