commit-inetutils

[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-303-g34226


From: Mats Erik Andersson
Subject: [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-303-g342261e
Date: Mon, 17 Jun 2013 13:11:32 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".

The branch, master has been updated
       via  342261ea9ef24419288f044188ab8301c71b859e (commit)
      from  b151d97c67a0e44e30f96786b3d1f8aa915ba573 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=342261ea9ef24419288f044188ab8301c71b859e


commit 342261ea9ef24419288f044188ab8301c71b859e
Author: Mats Erik Andersson <address@hidden>
Date:   Tue Jun 11 13:32:30 2013 +0200

    ftpd: Erroneous access check.

diff --git a/ChangeLog b/ChangeLog
index 6ad6003..93f2ffc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,25 @@
+2013-06-11  Mats Erik Andersson  <address@hidden>
+
+       ftpd: Erroneous access check.
+       The result of a user name match in PATH_FTPUSERS
+       is never applied.
+
+       * ftpd/auth.c (auth_user): Immediately return with
+       an error when a user is denied access based on an
+       entry in PATH_FTPUSERS.
+
+
+       ftpd: Better name matching mechanism.
+
+       * ftpd/conf.c: Include <ctype.h>.
+       (checkuser): Accept an input line without final
+       newline.  Allow initial blanks on input line.
+       For better portability, allow trailing text
+       separated from user name by blanks.
+
+       * doc/inetutils.texi <ftpd invocation>: Better
+       exposure of ftpchroot effects.
+
 2013-06-08  Mats Erik Andersson  <address@hidden>
 
        logger: Flexibel UNIX socket name.
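Review bot: the second ChangeLog entry ("Better name matching mechanism") understates a behavioural change in checkuser that affects existing configuration: a line such as "alice  # temporarily banned" previously matched no user at all (the whole line was compared with strcmp), whereas after this change it denies alice, and the same applies to PATH_FTPCHROOT entries. Since the first entry fixes an access check that was silently never enforced, both points deserve a user-visible note (release notes or NEWS) so administrators re-read their ftpusers and ftpchroot files with the new parsing rules in mind.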
diff --git a/doc/inetutils.texi b/doc/inetutils.texi
index e344e50..24b4650 100644
--- a/doc/inetutils.texi
+++ b/doc/inetutils.texi
@@ -3664,6 +3664,9 @@ However, the module is known to be partially broken since
 ten years back, when one compares the claims in its manual page,
 so not all claimed trickery is available!
 
address@hidden Standards
address@hidden standards}
+
 The FTP server currently supports the following FTP requests.
 The letter case of any request is ignored.
 
@@ -3741,13 +3744,16 @@ transfer status will be returned.
 conventions used by @command{csh}.  This allows users to utilize the
 metacharacters @address@hidden@}~}.
 
address@hidden Authentication
address@hidden authentication}
+
 @command{ftpd} authenticates users according to four rules.
 
 @enumerate
 @item
 The login name must be in the password data base, @file{/etc/passwd},
-and not have a null password.  In this case a password must be
-provided by the client before any file operations may be performed.
+and must not have a null password.  In this case a password must be
+provided by the client before any file operations can be performed.
 
 @item
 The login name must not appear in the file @file{/etc/ftpusers}.
@@ -3763,10 +3769,17 @@ convention an email address for the user should be used 
as the
 password).
 @end enumerate
 
-In the last case, @command{ftpd} takes special measures to restrict
-the client's access privileges.  The server performs a chroot to the
-home directory of the @samp{ftp} user.  In order that system security
-is not breached, it is recommended that the @samp{ftp} subtree be
+A further access mechanism is provided by the file
address@hidden/etc/ftpchroot}.
+A user mentioned therein will have all access confined to the subtree
+rooted at the home directory specified in @file{/etc/passwd}.
+
+In the case of anonymous access, @command{ftpd} takes special measures
+to restrict the client's access privileges.  The server always performs
+a chroot to the home directory of the @samp{ftp} user.
+
+In order that system security is not breached,
+it is recommended that the @samp{ftp} subtree be
 constructed with care, following these rules:
 
 @table @file
@@ -3776,10 +3789,11 @@ Make the home directory owned by @samp{root} and not 
writable by anyone.
 @item ~ftp/bin
 Make this directory owned by @samp{root} and not writable by anyone
 (mode 555).  The program @command{ls} must be present to support the
-list command.  This program should be mode 111.
+list command, unless the server was compiled with libls support.
+This program should be mode 111.
 
 @item ~ftp/etc
-Make this directory owned by @samp{root} and unwritable by anyone
+Make this directory owned by @samp{root} and not writable by anyone
 (mode 555).  The files @file{passwd} and @file{group} must be present
 for the @command{ls} command to be able to produce owner names rather
 than numbers.  The password field in @file{passwd} is not used, and
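Review bot: in the ~ftp/bin item, splitting "This program should be mode 111." onto its own line after the new "unless the server was compiled with libls support" clause makes "This program" read as if it referred to libls rather than to ls. Suggested wording for the two sentences: "The program @command{ls}, which should be mode 111, must be present to support the list command, unless the server was compiled with libls support."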
@@ -3794,6 +3808,7 @@ this directory.
 @end table
 
 @section Configuration files
address@hidden files}
 
 @table @samp
 @item @file{/etc/ftpchroot}
@@ -3802,7 +3817,7 @@ The anonymous user @samp{ftp} is always considered
 to be a member of this list, explicit or not.
 
 @item @file{/etc/ftpusers}
-List of unwelcome/restricted users.
+List of unwelcome/restricted users, always to be denied access.
 
 @item @file{/etc/ftpwelcome}
 Welcome notice printed before server identification
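Review bot: the @file{/etc/ftpusers} and @file{/etc/ftpchroot} items still do not describe the line format, even though this same commit defines one in ftpd/conf.c (checkuser). Document it here, since both files share the parser: one login name per line, leading blanks are ignored, lines that are empty or start with "#" are skipped, and any text following the name and separated from it by a blank is ignored. Also state explicitly that a name must match the whole token, so "alice" does not match a line "alice2".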
diff --git a/ftpd/auth.c b/ftpd/auth.c
index ed6f697..810eead 100644
--- a/ftpd/auth.c
+++ b/ftpd/auth.c
@@ -132,7 +132,7 @@ auth_user (const char *name, struct credentials *pcred)
            if (cp == NULL || checkuser (PATH_FTPUSERS, name))
              {
                sprintf (pcred->message, "User %s access denied.", name);
-               err = 1;
+               return 1;
              }
          }
        else
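Review bot: changing "err = 1;" to "return 1;" is the actual fix here: with the assignment alone, control fell through into the code that follows the if/else, so the denial recorded in pcred->message was never enforced, which is what the ChangeLog describes. Two things to check before merging: (1) nothing acquired earlier in auth_user (for example whatever cp points to) is left unreleased by the early return, which the hunk does not show; (2) the unchanged "sprintf (pcred->message, \"User %s access denied.\", name)" formats a client-supplied login name into pcred->message with no length bound, so if message is a fixed-size array this should become snprintf with its size, independently of this fix. On the positive side, the unknown-user case (cp == NULL) and the ftpusers case now yield the identical message and the identical early return, which avoids telling a remote client whether an account exists. A regression test that lists a valid account in ftpusers and asserts the login is refused would prevent this from silently regressing again.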
diff --git a/ftpd/conf.c b/ftpd/conf.c
index 6c87cd4..1824e0d 100644
--- a/ftpd/conf.c
+++ b/ftpd/conf.c
@@ -21,6 +21,7 @@
 #include <stdio.h>
 #include <errno.h>
 #include <string.h>
+#include <ctype.h>
 #include "extern.h"
 
 #ifndef LINE_MAX
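Review bot: the new <ctype.h> include is there for isblank(), which is C99 rather than C89; if the project's portability baseline still covers pre-C99 C libraries, make sure the build supplies a replacement (gnulib's ctype module does, if the project already uses gnulib) or add a local fallback, otherwise the build breaks on those targets rather than at runtime.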
@@ -48,8 +49,11 @@ display_file (const char *name, int code)
   return errno;
 }
 
-/* Check if a user is in the file PATH_FTPUSERS
-   return 1 if yes 0 otherwise.  */
+/*
+ * Check if a user is in the file `filename',
+ * typically PATH_FTPUSERS or PATH_FTPCHROOT.
+ * Return 1 if yes, 0 otherwise.
+ */
 int
 checkuser (const char *filename, const char *name)
 {
@@ -62,17 +66,27 @@ checkuser (const char *filename, const char *name)
     {
       while (fgets (line, sizeof (line), fp) != NULL)
        {
-         if (line[0] == '#')
-           continue;
+         /* Properly terminate input.  */
          p = strchr (line, '\n');
          if (p != NULL)
+           *p = '\0';
+
+         /* Disregard initial blank characters.  */
+         p = line;
+         while (isblank (*p))
+           p++;
+
+         /* Skip comments, and empty lines.  */
+         if (*p == '#' || *p == 0)
+           continue;
+
+         /* User name ends at the first blank character.  */
+         if (strncmp (p, name, strlen (name)) == 0
+             && (p[strlen (name)] == 0
+                 || isblank (p[strlen (name)])))
            {
-             *p = '\0';
-             if (strcmp (line, name) == 0)
-               {
-                 found = 1;
-                 break;
-               }
+             found = 1;
+             break;
            }
        }
       fclose (fp);
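Review bot: the calls "isblank (*p)" and "isblank (p[strlen (name)])" pass a plain char; on platforms where char is signed, a byte above 0x7f in the configuration file becomes a negative argument, which is undefined behaviour for the ctype functions, so cast to (unsigned char) first. The new matching logic itself is right: strncmp followed by the check that the next character is NUL or a blank gives an exact token match, so "alice" no longer risks matching "alice2". Two further points: (1) now that a line without a trailing newline is accepted, a line longer than sizeof (line) - 1 is split by fgets into several chunks that are each parsed as an entry, and a later chunk that happens to start with the user name would match; when strchr finds no '\n' and feof (fp) is false, consume the rest of the physical line (read with getc until '\n' or EOF) before continuing, so that only the first token of a real line is ever matched; (2) strlen (name) is evaluated three times per line, so compute it once before the loop (name never changes) for readability.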

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog          |   22 ++++++++++++++++++++++
 doc/inetutils.texi |   33 ++++++++++++++++++++++++---------
 ftpd/auth.c        |    2 +-
 ftpd/conf.c        |   34 ++++++++++++++++++++++++----------
 4 files changed, 71 insertions(+), 20 deletions(-)


hooks/post-receive
-- 
GNU Inetutils 


