Re: wu-ftpd info.

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Marc W. Mengel: "Re: wu-ftpd info."
• Previous message: Rob Quinn: "Re: wu-ftpd info."
• In reply to: Ken Hardy: "Re: wu-ftpd info."
• Next in thread: Marc W. Mengel: "Re: wu-ftpd info."

Principal problem is that the chrooted environemnt is only for
anonymous ftp.  If I ftp in to a user account, it lets me do that and
it does *not* chroot the directory.  The hazards should be obvious.

Add to that the fact that even in a chrooted directory under anonymous
ftp, getting on as a privileged user can be dangerous -- the files are
accessible from the regular file systems (e.g., user accounts).

For instance:
attacker uses ftp to create suid-root shell in ftp directory
attacker logs in as user foo (bin, uucp, etc) and executes suid shell
  from ftp directory
attacker romps

--spaf

• Next message: Marc W. Mengel: "Re: wu-ftpd info."
• Previous message: Rob Quinn: "Re: wu-ftpd info."
• In reply to: Ken Hardy: "Re: wu-ftpd info."
• Next in thread: Marc W. Mengel: "Re: wu-ftpd info."