Date:      Thu, 6 Aug 1998 15:13:21 -0700 (PDT)
From:      Brian Tiemann <btman@ugcs.caltech.edu>
To:        freebsd-stable@FreeBSD.ORG
Subject:   Re: [proftpd-l] New ProFTPd user - Security, Incoming and pwd.db? (fwd)
Message-ID:  <Pine.BSF.4.02.9808061512110.15760-100000@lionking.org>


	Forwarded from the proftpd mailing list. Just to make sure this is
out in the open and people know about it...

Brian

---------- Forwarded message ----------
Date: Thu, 6 Aug 1998 17:50:08 -0400
From: Floody <flood@evcom.net>
Reply-To: proftpd-l@evcom.net
To: Karl Pielorz <kpielorz@tdx.co.uk>
Cc: proftpd-l@evcom.net
Subject: Re: [proftpd-l] New ProFTPd user - Security, Incoming and pwd.db?

On Thu, Aug 06, 1998 at 04:10:28PM +0100, Karl Pielorz wrote:
> Floody wrote:
> 
> > I'm not sure why this happens (on FreeBSD only).  I don't have a free box
> > that I can run root on.  Does this happen ONLY for anonymous (or other
> > chroot()ed logins)?  When _exactly_ does it occur?
> 
> It occurs once, and only once when inetd fires up proftpd...
> 
> "Aug  6 10:49:18 caladan proftpd[15835]: /etc/pwd.db: No such file or directory"
> 
> I thought it would happen if the process has chroot'd itself - i.e. it can't get
> to the real '/etc/pwd.db' ;-)

Ok.  I put up a test FreeBSD 2.2.7 system.  There appears to be a libc
problem with the setpassent() function, which doesn't work on FreeBSD as
documented in the man pages (or on any other BSD).  This is the heart of
the problem.  There is no workaround until libc is fixed.

Sample code to demonstrate the problem, MUST be run as root:

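--TEAR HERE--
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <pwd.h>

int main(void)
{
  /* Ask libc to keep the password database open across calls, then
     force it open while /etc/pwd.db is still reachable. */
  setpassent(1);
  getpwent();

  /* Move into a root where /etc/pwd.db cannot be opened by path
     (requires root). */
  if(chroot("/usr") != 0 || chdir("/") != 0) {
    perror("chroot/chdir");
    return 1;
  }

  /* If the database really stayed open, both lookups succeed. */
  if(!getpwuid(0)) {
    printf("setpassent doesn't appear to work\n");
  } else {
    if(!getpwuid(0))
      printf("second getpwuid(0) didn't work\n");
    else
      printf("setpassent works\n");
  }
  return 0;
}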

