List: busybox
Subject: Re: Chroot in ftpd on newer kernel versions
From: Rob Landley <rob () landley ! net>
Date: 2012-10-07 23:37:12
Message-ID: CAOS_Y6S9AaG90jn-k_uLt2NLEiqBbFo4w_7vvQUmvjBUZpZQRQ () mail ! gmail ! com
On Sun, Oct 7, 2012 at 2:14 AM, Harald Becker <ralda@gmx.de> wrote:
> Hi Rob !
>
>>Yeah, I fixed that for Aboriginal Linux back in August, here's my
>>patch:
>>
>>http://landley.net/hg/aboriginal/file/1535/sources/patches/busybox-ftpd.patch
>
> This hits my intention ... but why getpid? Doesn't this always return a
> nonzero process id? Did you mean getuid, which makes more sense?
Yup. It was a quick 5 minute "get it working again" hack. There's a
reason I never sent it here. (Also partly because I thought the
behavior change of taking away the ability to select a default
directory for everybody but root was an intentional if unannounced
design change. And because I had a chronic shortage of time/energy
during my year working at polycom, and still have a week in The
Cubicle I can start catching up on anything else.)
> In addition I suggest dropping the user privileges to a specific user
> (e.g. ftp) if run as root. Something like this (untested):
>
> if (!getuid())
> {
>     xchroot(".");
>     xget_uidgid(&ugid, "ftp");
>     xsetgid(ugid.gid);
>     xsetuid(ugid.uid);
> }
Good luck. I'm not running it as root...
Rob
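
Added example (not part of the original message and not busybox code): the chroot-then-drop-privileges sequence suggested in the quoted reply, written against plain POSIX/glibc calls instead of busybox's x* helpers. The function name confine_and_drop is hypothetical; it resolves the account before chroot() because the passwd database is normally not reachable from inside the new root, and it checks that root cannot be regained afterwards.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE         /* exposes chroot() and setgroups() on glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not a busybox function.
 * Returns 0 if the caller is not root (nothing is changed),
 *         1 if the process is now chrooted and running as `user`,
 *        -1 on any failure (the caller should exit, not carry on as root). */
int confine_and_drop(const char *dir, const char *user)
{
    struct passwd *pw;
    uid_t uid;
    gid_t gid;

    if (geteuid() != 0)
        return 0;               /* unprivileged: chroot() would fail with EPERM */

    /* Resolve the account first; refuse a name that maps back to uid 0. */
    pw = getpwnam(user);
    if (!pw || pw->pw_uid == 0)
        return -1;
    uid = pw->pw_uid;
    gid = pw->pw_gid;

    /* chdir before and after chroot so the cwd cannot point outside the new root. */
    if (chdir(dir) != 0 || chroot(".") != 0 || chdir("/") != 0)
        return -1;

    /* Order matters: supplementary groups, then gid, then uid. */
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;

    /* Verify the drop took effect and cannot be undone. */
    if (setuid(0) == 0 || getuid() != uid || geteuid() != uid)
        return -1;
    return 1;
}

int main(void)
{
    int r = confine_and_drop(".", "ftp");   /* "ftp" as in the quoted suggestion */
    printf("confine_and_drop: %d\n", r);
    return r < 0;
}
```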