diff options
author | eugen <eugen@FreeBSD.org> | 2017-11-06 11:10:43 +0000 |
---|---|---|
committer | eugen <eugen@FreeBSD.org> | 2017-11-06 11:10:43 +0000 |
commit | b64047ceffa88ec836ff78f5500004fbba71ae23 (patch) | |
tree | 2a54f488083e9e57d0a00f81ae615d7bcbca2d04 /libexec | |
parent | 0bfa1effcec434e85c0746616e83c817dc976c4c (diff) | |
download | FreeBSD-src-b64047ceffa88ec836ff78f5500004fbba71ae23.zip FreeBSD-src-b64047ceffa88ec836ff78f5500004fbba71ae23.tar.gz |
MFC r324364: ftpd(8): fix user context handling
Apply authenticated user context after update of wtmp(5) at start of session,
so that ftpd process is not killed by kernel with SIGXFSZ when user has
"filesize" limit lower than size of system wtmp file. Same applies
to session finalization: revert to super-user context before update of wtmp.
If ftpd hits limit while writing a file at user request,
do not get killed with SIGXFSZ instantly but apparently ignore the signal,
process error and report it to the user, and continue with the session.
PR: 143570
Approved by: mav (mentor)
Diffstat (limited to 'libexec')
-rw-r--r-- | libexec/ftpd/ftpd.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 5756c28..1e9c794 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -430,6 +430,10 @@ main(int argc, char *argv[], char **envp) } } + /* handle filesize limit gracefully */ + sa.sa_handler = SIG_IGN; + (void)sigaction(SIGXFSZ, &sa, NULL); + if (daemon_mode) { int *ctl_sock, fd, maxfd = -1, nfds, i; fd_set defreadfds, readfds; @@ -1196,14 +1200,14 @@ end_login(void) #endif (void) seteuid(0); - if (logged_in && dowtmp) - ftpd_logwtmp(wtmpid, NULL, NULL); - pw = NULL; #ifdef LOGIN_CAP setusercontext(NULL, getpwuid(0), 0, LOGIN_SETALL & ~(LOGIN_SETLOGIN | LOGIN_SETUSER | LOGIN_SETGROUP | LOGIN_SETPATH | LOGIN_SETENV)); #endif + if (logged_in && dowtmp) + ftpd_logwtmp(wtmpid, NULL, NULL); + pw = NULL; #ifdef USE_PAM if (pamh) { if ((e = pam_setcred(pamh, PAM_DELETE_CRED)) != PAM_SUCCESS) @@ -1478,7 +1482,7 @@ skip: } } setusercontext(lc, pw, 0, LOGIN_SETALL & - ~(LOGIN_SETUSER | LOGIN_SETPATH | LOGIN_SETENV)); + ~(LOGIN_SETRESOURCES | LOGIN_SETUSER | LOGIN_SETPATH | LOGIN_SETENV)); #else setlogin(pw->pw_name); (void) initgroups(pw->pw_name, pw->pw_gid); @@ -1520,6 +1524,10 @@ skip: (struct sockaddr *)&his_addr); logged_in = 1; +#ifdef LOGIN_CAP + setusercontext(lc, pw, 0, LOGIN_SETRESOURCES); +#endif + if (guest && stats && statfd < 0) #ifdef VIRTUAL_HOSTING statfd = open(thishost->statfile, O_WRONLY|O_APPEND); @@ -2770,6 +2778,11 @@ dologout(int status) if (logged_in && dowtmp) { (void) seteuid(0); +#ifdef LOGIN_CAP + setusercontext(NULL, getpwuid(0), 0, LOGIN_SETALL & ~(LOGIN_SETLOGIN | + LOGIN_SETUSER | LOGIN_SETGROUP | LOGIN_SETPATH | + LOGIN_SETENV)); +#endif ftpd_logwtmp(wtmpid, NULL, NULL); } /* beware of flushing buffers after a SIGPIPE */ |