Date:      Sun, 20 Oct 1996 23:18:11 -0700
From:      David Greenman <dg@root.com>
To:        Brian Tao <taob@io.org>
Cc:        Ollivier Robert <roberto@keltia.freenix.fr>, freebsd-security@freebsd.org
Subject:   Re: bin/1805: Bug in ftpd 
Message-ID:  <199610210618.XAA21376@root.com>
In-Reply-To: Your message of "Sun, 20 Oct 1996 22:51:12 EDT." <Pine.BSF.3.95.961020224937.1199D-100000@crunch.io.org> 

>On Tue, 15 Oct 1996, David Greenman wrote:
>> 
>> Unfortunately, this isn't true for anonymous ftp which runs as root.
>
>    Doesn't an anon ftp connection open the chrooted /etc/spwd.db
>though (e.g., /var/spool/ftp/etc/spwd.db, here)?

   Hmmm. I think it still opens the normal one first in order to verify the
existence of the "ftp" user. In any case, I don't think this is an issue
because the core file is created with uid 0 and 0600 permissions...and ftpd
accesses files as user ftp when running as anonymous. So in other words, even
if it did create a core file, the anonymous user wouldn't be able to read it.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project
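
The reasoning in the message rests on ordinary Unix mode bits: a file owned by uid 0 with mode 0600 is unreadable by any other non-root uid. The following audit sketch is an added example, not part of the original message or of FreeBSD's ftpd; it walks a directory tree and lists core files that a given uid could read. The file-name patterns, the sample tree and the stand-in uid/gid are assumptions constructed for the example.

```python
import os
import stat
import tempfile

def can_read(st, uid, gids):
    """Classic Unix read check: root, then owner, then group, then other."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)

def readable_cores(root, uid, gids):
    """List core files under root whose mode bits let uid read them."""
    # Ignores ACLs and directory search permission, so it can over-report.
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            # Assumed naming: "core" or "<program>.core".
            if name != "core" and not name.endswith(".core"):
                continue
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and can_read(st, uid, gids):
                hits.append(os.path.relpath(path, root))
    return sorted(hits)

def demo():
    """Constructed tree: one 0600 core (the case in the message), one 0644."""
    with tempfile.TemporaryDirectory() as root:
        for name, mode in (("ftpd.core", 0o600), ("old.core", 0o644)):
            path = os.path.join(root, name)
            with open(path, "wb") as fh:
                fh.write(b"constructed sample, not a real core\n")
            os.chmod(path, mode)
        owner = os.lstat(os.path.join(root, "ftpd.core"))
        # Stand-in for the "ftp" account: any uid/gid that is neither root
        # nor the owner of the files (assumption for this example).
        other_uid, other_gid = owner.st_uid + 1000, owner.st_gid + 1000
        return {
            "other": readable_cores(root, other_uid, {other_gid}),
            "owner": readable_cores(root, owner.st_uid, {owner.st_gid}),
        }
```

In the constructed tree only the 0644 file is reported for the non-owner uid; the 0600 file is reported only for its owner (or root).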


