fix for `restricted-uid'/`restricted-gid' directive may be bypassed

Submitted by: Matt Zimmerman <mdz@debian.org>
author: Andrey A. Chernov <ache@FreeBSD.org> 2004-03-08 13:39:20 +0000
committer: Andrey A. Chernov <ache@FreeBSD.org> 2004-03-08 13:39:20 +0000
commit: fc23b5141fa6befd9b2253d42817b335e2ab7cb9 (patch)
tree: f64978e77b6f41f5afed187213c9dbe693122f2d /ftp/wu-ftpd/files
parent: Add wu-ftpd `restricted-[ug]id' issue. (diff)
1 files changed, 11 insertions, 2 deletions
diff --git a/ftp/wu-ftpd/files/patch-aa b/ftp/wu-ftpd/files/patch-aa
index 8ce2f17afbf2..fb9496f1c4fe 100644
--- a/ftp/wu-ftpd/files/patch-aa
+++ b/ftp/wu-ftpd/files/patch-aa
@@ -1,5 +1,5 @@
---- src/ftpd.c.orig	Tue Oct  2 22:21:17 2001
-+++ src/ftpd.c	Tue Oct  2 22:21:17 2001
+--- src/ftpd.c.orig	Mon Mar  8 07:24:50 2004
++++ src/ftpd.c	Mon Mar  8 07:24:50 2004
 @@ -447,7 +447,6 @@
  #ifdef OPIE
  #include <opie.h>
@@ -86,3 +86,12 @@
  #endif /* OPIE */
  #ifdef ULTRIX_AUTH
  	    if ((numfails = ultrix_check_pass(passwd, xpasswd)) >= 0) {
+@@ -3189,7 +3191,7 @@
+ 		  pw->pw_name, pw->pw_dir);
+ 	    goto bad;
+ #else
+-	    if (chdir("/") < 0) {
++	    if (restricted_user || chdir("/") < 0) {
+ #ifdef VERBOSE_ERROR_LOGING
+ 		syslog(LOG_NOTICE, "FTP LOGIN FAILED (cannot chdir) for %s, %s",
+ 		       remoteident, pw->pw_name);
author	Andrey A. Chernov <ache@FreeBSD.org>	2004-03-08 13:39:20 +0000
committer	Andrey A. Chernov <ache@FreeBSD.org>	2004-03-08 13:39:20 +0000
commit	fc23b5141fa6befd9b2253d42817b335e2ab7cb9 (patch)
tree	f64978e77b6f41f5afed187213c9dbe693122f2d /ftp/wu-ftpd/files
parent	Add wu-ftpd `restricted-[ug]id' issue. (diff)