fix for `restricted-uid'/`restricted-gid' directive may be bypassed

Submitted by: Matt Zimmerman <mdz@debian.org>
author: Munechika SUMIKAWA <sumikawa@FreeBSD.org> 2004-03-08 13:58:54 +0000
committer: Munechika SUMIKAWA <sumikawa@FreeBSD.org> 2004-03-08 13:58:54 +0000
commit: 3122ba2d124e82f72bef9c3e8d369404211c62e4 (patch)
tree: 172e5bcc437e5f8e7d0ea304a77cc942eca7b1ce /ftp/wu-ftpd+ipv6/files
parent: - Add securirty Fix from cvs (diff)
1 files changed, 11 insertions, 2 deletions
diff --git a/ftp/wu-ftpd+ipv6/files/patch-aa b/ftp/wu-ftpd+ipv6/files/patch-aa
index 8ce2f17afbf2..fb9496f1c4fe 100644
--- a/ftp/wu-ftpd+ipv6/files/patch-aa
+++ b/ftp/wu-ftpd+ipv6/files/patch-aa
@@ -1,5 +1,5 @@
---- src/ftpd.c.orig	Tue Oct  2 22:21:17 2001
-+++ src/ftpd.c	Tue Oct  2 22:21:17 2001
+--- src/ftpd.c.orig	Mon Mar  8 07:24:50 2004
++++ src/ftpd.c	Mon Mar  8 07:24:50 2004
 @@ -447,7 +447,6 @@
  #ifdef OPIE
  #include <opie.h>
@@ -86,3 +86,12 @@
  #endif /* OPIE */
  #ifdef ULTRIX_AUTH
  	    if ((numfails = ultrix_check_pass(passwd, xpasswd)) >= 0) {
+@@ -3189,7 +3191,7 @@
+ 		  pw->pw_name, pw->pw_dir);
+ 	    goto bad;
+ #else
+-	    if (chdir("/") < 0) {
++	    if (restricted_user || chdir("/") < 0) {
+ #ifdef VERBOSE_ERROR_LOGING
+ 		syslog(LOG_NOTICE, "FTP LOGIN FAILED (cannot chdir) for %s, %s",
+ 		       remoteident, pw->pw_name);
author	Munechika SUMIKAWA <sumikawa@FreeBSD.org>	2004-03-08 13:58:54 +0000
committer	Munechika SUMIKAWA <sumikawa@FreeBSD.org>	2004-03-08 13:58:54 +0000
commit	3122ba2d124e82f72bef9c3e8d369404211c62e4 (patch)
tree	172e5bcc437e5f8e7d0ea304a77cc942eca7b1ce /ftp/wu-ftpd+ipv6/files
parent	- Add securirty Fix from cvs (diff)