diff options
Diffstat (limited to 'libexec')
-rw-r--r-- | libexec/ftpd/ftpd.c | 1 | ||||
-rw-r--r-- | libexec/ftpd/popen.c | 3 |
2 files changed, 4 insertions, 0 deletions
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 5894f3c..00570d6 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -1562,6 +1562,7 @@ skip: reply(550, "Can't change root."); goto bad; } + __FreeBSD_libc_enter_restricted_mode(); } else /* real user w/o chroot */ homedir = pw->pw_dir; /* diff --git a/libexec/ftpd/popen.c b/libexec/ftpd/popen.c index 8a739dc..9f80507 100644 --- a/libexec/ftpd/popen.c +++ b/libexec/ftpd/popen.c @@ -143,6 +143,9 @@ ftpd_popen(char *program, char *type) } (void)close(pdes[1]); } + /* Drop privileges before proceeding */ + if (getuid() != geteuid() && setuid(geteuid()) < 0) + _exit(1); if (strcmp(gargv[0], _PATH_LS) == 0) { /* Reset getopt for ls_main() */ optreset = optind = optopt = 1; |