[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: RE: ftpd authentication
From: Morten Kvistgaard <MK () pch-engineering ! dk>
Date: 2014-09-16 7:10:02
Message-ID: 0855BDD4CF82174A8BE362DE9F27C3BF026F86BF2A03 () pche-exchange
[Download RAW message or body]
> On Monday 15 September 2014 16:34, Morten Kvistgaard wrote:
> > Hello Denys,
> >
> > I've studied the last patch you applied to ftpd.
> >
> > The patch can be fixed if you reorder the "change_identity" to beneath the
> jail.
>
> Fix in what way? What is the bug?
The bug is that if you use the authentication + chroot feature, the server will crash \
at login. (Connection closes.) The current code goes like this:
...
change_identity(pw);
...
xchroot(argv[0]);
...
According to doc, http://linux.die.net/man/2/chroot, only privileged processes may \
call chroot. So the crash makes sence.
>
> > Also the "change_identity" ought to conflict with the NOMMU jail break.
> > However a carefully placed call to "getpwuid" seems to somehow solve
> this. (wtf?) I've tested it on Ubuntu + uClinux.
>
> What is the bug?
The same issue arise when the NOMMU has to break out of jail. (chroot again.) You \
need to regain privileges before you can break out.
--
This message has been scanned for viruses and dangerous content by CronLab
(www.cronlab.com), and is believed to be clean.
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic