diff options
| author | yar <yar@FreeBSD.org> | 2004-07-30 16:57:42 +0000 |
|---|---|---|
| committer | yar <yar@FreeBSD.org> | 2004-07-30 16:57:42 +0000 |
| commit | 9fb1cda8d0409e8a7c170f65b4fca63479fd7e86 (patch) | |
| tree | 2c3f2c4554f849cd375e61273595b07244bf4111 /libexec | |
| parent | 1be1b43db40beaa89f4c46419def1fbce733c82c (diff) | |
| download | FreeBSD-src-9fb1cda8d0409e8a7c170f65b4fca63479fd7e86.zip FreeBSD-src-9fb1cda8d0409e8a7c170f65b4fca63479fd7e86.tar.gz | |
Open a socket for a data transfer in active mode using euid
of the current user, not root. This will allow neat things
like matching anonymous FTP data traffic with a single ipfw(8)
rule:
ipfw add ... tcp from any to any uid ftp
Note that the control connection socket still belongs to the
user ftpd(8) was started from, usually root.
PR: bin/65928
Submitted by: Eugene Grosbein <eugen at grosbein.pp.ru>
MFC after: 1 month
Diffstat (limited to 'libexec')
| -rw-r--r-- | libexec/ftpd/ftpd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 1b1f45c..8d44c7b 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -1810,7 +1810,6 @@ getdatasock(char *mode) if (data >= 0) return (fdopen(data, mode)); - (void) seteuid((uid_t)0); s = socket(data_dest.su_family, SOCK_STREAM, 0); if (s < 0) @@ -1820,6 +1819,7 @@ getdatasock(char *mode) /* anchor socket to avoid multi-homing problems */ data_source = ctrl_addr; data_source.su_port = htons(dataport); + (void) seteuid((uid_t)0); for (tries = 1; ; tries++) { if (bind(s, (struct sockaddr *)&data_source, data_source.su_len) >= 0) |
