Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 102465 Details for
Bug 155317
net-ftp/ftpd 0.17-r4 always runs ls with gid 0?
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
corrected patch
ftpd-0.17-setguid.patch (text/plain), 1.92 KB, created by
Tavis Ormandy (RETIRED)
on 2006-11-21 06:30:47 UTC
(
hide
)
Description:
corrected patch
Filename:
MIME Type:
Creator:
Tavis Ormandy (RETIRED)
Created:
2006-11-21 06:30:47 UTC
Size:
1.92 KB
patch
obsolete
>--- linux-ftpd-0.17/ftpd/popen.c.bak 1999-07-16 11:12:54.000000000 +1000 >+++ linux-ftpd-0.17/ftpd/popen.c 2006-08-25 13:31:33.950447078 +1000 >@@ -169,8 +169,13 @@ > * XXX: this doesn't seem right... and shouldn't > * we initgroups, or at least setgroups(0,0)? > */ >- setgid(getegid()); >- setuid(i); >+ >+/* >+ * PSz 25 Aug 06 Must check the return status of these setgid/setuid calls, >+ * see http://www.bress.net/blog/archives/34-setuid-madness.html >+ */ >+ if ( setgid(getegid()) != 0 ) _exit(1); >+ if ( setuid(i) != 0 ) _exit(1); > > #ifndef __linux__ > /* >--- linux-ftpd-0.17/ftpd/ftpd.c.bak 2006-08-25 12:53:25.277537000 +1000 >+++ linux-ftpd-0.17/ftpd/ftpd.c 2006-08-25 13:46:28.798975583 +1000 >@@ -1159,6 +1159,13 @@ > } > strcpy(pw->pw_dir, "/"); > setenv("HOME", "/", 1); >+ } >+ /* PSz 25 Aug 06 chdir for real users done after setting UID */ >+ if (seteuid((uid_t)pw->pw_uid) < 0) { >+ reply(550, "Can't set uid."); >+ goto bad; >+ } >+ if (guest || dochroot) { /* do nothing, handled above */ > } else if (chdir(pw->pw_dir) < 0) { > if (chdir("/") < 0) { > reply(530, "User %s: can't change directory to %s.", >@@ -1167,10 +1174,7 @@ > } else > lreply(230, "No directory! Logging in with home=/"); > } >- if (seteuid((uid_t)pw->pw_uid) < 0) { >- reply(550, "Can't set uid."); >- goto bad; >- } >+ > sigfillset(&allsigs); > sigprocmask(SIG_UNBLOCK,&allsigs,NULL); > >@@ -1408,7 +1412,8 @@ > goto bad; > sleep(tries); > } >- (void) seteuid((uid_t)pw->pw_uid); >+/* PSz 25 Aug 06 Check return status */ >+ if (seteuid((uid_t)pw->pw_uid) != 0) _exit(1); > sigfillset(&allsigs); > sigprocmask (SIG_UNBLOCK, &allsigs, NULL); > >@@ -1440,7 +1445,8 @@ > bad: > /* Return the real value of errno (close may change it) */ > t = errno; >- (void) seteuid((uid_t)pw->pw_uid); >+/* PSz 25 Aug 06 Check return status */ >+ if (seteuid((uid_t)pw->pw_uid) != 0) _exit(1); > sigfillset (&allsigs); > sigprocmask (SIG_UNBLOCK, &allsigs, NULL); > (void) close(s);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=102465">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 155317
: 102465
