Date: Fri, 9 Mar 2001 00:20:02 -0800 (PST)
From: Bernd Luevelsmeyer <bdluevel@heitec.net>
To: freebsd-bugs@FreeBSD.org
Subject: Re: bin/25598: patch to let ftpd output message when changing directory
Message-ID: <200103090820.f298K2N58197@freefall.freebsd.org>

The following reply was made to PR bin/25598; it has been noted by GNATS.

From: Bernd Luevelsmeyer <bdluevel@heitec.net>
To: Peter Pentchev <roam@orbitel.bg>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: bin/25598: patch to let ftpd output message when changing directory
Date: Fri, 09 Mar 2001 09:10:14 +0100

Peter Pentchev wrote:
>
> On Thu, Mar 08, 2001 at 03:08:58AM +0100, bdluevel@heitec.net wrote:
[...]
> > >Description:
> >     The patch lets the FTP daemon (after a successful 'cwd' command)
> >     look for a file '.message' in the current directory and, if
> >     readable, send the contents to the client, preceding the
> >     "250 CWD successful." message. The intent is to let
> >     the FTP site admin announce directory descriptions, copyright
> >     notices or the like.
> [snip the patch itself]
>
> Hmm I wonder if this should not stat() the file beforehand, to make
> sure it's a regular file; otherwise, problems might arise with a local
> user creating a FIFO or something, and then pointing a couple of clients
> there.. or just letting the FIFO lie dormant until some unsuspecting
> soul connects and CWD's :)

You are right, of course. Thanks for wording it so politely :-)
There's also the issue of uploads, e.g. in public upload
directories; someone might create a directory (or find one without
a .message) and put a megabyte of whatever there, called
'.message'.

> Of course, then there's the issue of a race condition between a stat()
> and the actual opening.. this might be resolved with a fstat(fileno(fp))
> right after the fopen(), before the first read from the file.

I think that's the way to go. To care for unwanted
3rd-party-.messages, one might perhaps check that it's owned by
root, or owned by the directory owner? Not world-writeable? And
limit the output to max. 20 lines of max. 50 characters each,
filtered to printable ASCII (checked with isprint())?

> Or should FIFO's be considered an issue at all? I believe yes, since
> something similar has been done to inetd recently..

It is certainly an issue. I'm afraid I didn't consider this topic
at all. I'll implement the fstat() and a size limitation and/or
other sanity checks, and re-submit the patch.

I suggest that this ill-conceived PR should be closed.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message