Date:      Thu, 1 Jan 2004 18:49:38 -0800 (PST)
From:      Alexander Melkov <melkov@comptek.ru>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/60809: ftpd should not allow anonymous users to delete files [patch]
Message-ID:  <200401020249.i022ncGL042410@www.freebsd.org>
Resent-Message-ID: <200401020250.i022o9dR013446@freefall.freebsd.org>


>Number:         60809
>Category:       bin
>Synopsis:       ftpd should not allow anonymous users to delete files [patch]
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 01 18:50:08 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Alexander Melkov
>Release:        4.9-STABLE
>Organization:
>Environment:
>Description:
As man ftpd says, "by default, anonymous users cannot modify existing files". However, the current ftpd code allows them to delete existing files, provided that access rights are correct.
This is, in effect, very much like allowing them to modify files.

Combining SUIDDIR and the -M flag to ftpd is not a good workaround.
>How-To-Repeat:
Run
/usr/libexec/ftpd -ADllS
(maybe with other flags, but not -m).

Create a mode 1777 incoming directory in an appropriate location.

Using an ftp client, create and then delete a file in incoming.

>Fix:
ftpd.c is 1.62.2.51
melkov:/usr/src/libexec/ftpd# diff ftpd.c.orig ftpd.c
2450c2450
<       if (unlink(name) < 0) {
---
>       if ((guest && noguestmod) || unlink(name) < 0) {
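
Review bot: In the changed condition at line 2450, `(guest && noguestmod)` is OR-ed in front of `unlink(name) < 0`, so when it is true `unlink()` is never called and errno has not been set by this call. If the body of this `if` reports the failure from errno, the anonymous client gets a stale or misleading error. Consider a separate branch ahead of the unlink that sends an explicit permission-denied reply and returns, leaving the original `if (unlink(name) < 0) {` untouched. The patch is also a context-free normal diff tied to line 2450 of revision 1.62.2.51. Resubmitting it as `diff -u` would show the surrounding function and let it apply to other revisions.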

>Release-Note:
>Audit-Trail:
>Unformatted:


