Re: segfault in ftpd
From: Garrett Wollman (wollman@lcs.mit.edu)
Date: 04/24/02
- Next message: Blaz Zupan: "Re: segfault in ftpd"
- Previous message: Mikko Tyolajarvi: "Re: segfault in ftpd"
- In reply to: Mikko Tyolajarvi: "Re: segfault in ftpd"
- Next in thread: Blaz Zupan: "Re: segfault in ftpd"
Date: Tue, 23 Apr 2002 23:10:48 -0400 (EDT)
From: Garrett Wollman <wollman@lcs.mit.edu>
To: Mikko Tyolajarvi <mikko@dynas.se>
<<On Tue, 23 Apr 2002 19:53:53 -0700 (PDT), Mikko Tyolajarvi <mikko@dynas.se> said:

> makes it such a security problem in the first place -- how often do
> you _really_ need to change user in the middle of an ftp session?
> It should just switch uid and be done with it, IMHO).

Unfortunately, the people who designed the FTP protocol did not
consider the notion of `privileged ports'. As a result, an
active-mode FTP connection is required to originate from
<control.channel.ip.address, 20>, which means that for every
active-mode FTP operation, the FTP server must be able to bind to a
privileged port.

An implementation of capabilities would obviate this problem: ftp
could change its context entirely to that of the client, except
leaving the `can bind low ports' bit on, and still be able to
accomplish what it needs to do.

-GAWollman
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
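To make the constraint in the message above concrete, here is an added example. It is not FreeBSD ftpd's code and not from anyone in the thread; it assumes a Linux host, where the POSIX.1e-style capability Garrett describes exists as CAP_NET_BIND_SERVICE. `ftp_active_connect` does what ftpd has to do for every active-mode transfer: bind the local end of the data socket to port 20 and connect to the address the client gave in its PORT command, and that bind is the step that needs privilege. `drop_to_user_keeping_bind` shows the `can bind low ports' bit kept while everything else switches to the client's uid. The loopback listener, the uid/gid 65534 used in `main`, and the function names are constructed for the example; the capability calls go through raw syscalls so no libcap is needed.

```c
/* Added example, not FreeBSD ftpd code. Assumes Linux (prctl, capset). */
#include <arpa/inet.h>
#include <errno.h>
#include <grp.h>
#include <linux/capability.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <unistd.h>

#define FTP_DATA_PORT 20   /* RFC 959: active-mode data connections originate here */

/* Open an active-mode data connection: bind the local end to <local_ip, src_port>
 * (ftpd uses src_port == FTP_DATA_PORT) and connect to the client's <peer_ip, peer_port>.
 * Returns a connected fd, or -errno. */
int ftp_active_connect(const char *local_ip, uint16_t src_port,
                       const char *peer_ip, uint16_t peer_port)
{
    struct sockaddr_in local = { .sin_family = AF_INET, .sin_port = htons(src_port) };
    struct sockaddr_in peer  = { .sin_family = AF_INET, .sin_port = htons(peer_port) };
    int fd, one = 1, err;

    if (inet_pton(AF_INET, local_ip, &local.sin_addr) != 1 ||
        inet_pton(AF_INET, peer_ip, &peer.sin_addr) != 1)
        return -EINVAL;
    if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        return -errno;
    /* Every transfer reuses port 20, so the previous connection's TIME_WAIT must not block us. */
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
    /* The privileged step: src_port < 1024 needs root or CAP_NET_BIND_SERVICE, else EACCES. */
    if (bind(fd, (struct sockaddr *)&local, sizeof local) < 0 ||
        connect(fd, (struct sockaddr *)&peer, sizeof peer) < 0) {
        err = errno;
        close(fd);
        return -err;
    }
    return fd;
}

/* Switch to the client's uid/gid but keep one capability, CAP_NET_BIND_SERVICE:
 * the "can bind low ports" bit. Call while still root. Returns 0 or -errno. */
int drop_to_user_keeping_bind(uid_t uid, gid_t gid)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2] = { { 0 } };

    /* Without KEEPCAPS the kernel clears the permitted set when the uid leaves 0. */
    if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
        return -errno;
    if (setgroups(0, NULL) < 0 || setgid(gid) < 0 || setuid(uid) < 0)
        return -errno;
    prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0);
    /* Shrink permitted and effective to the single bit the data connection needs. */
    data[0].permitted = data[0].effective = 1u << CAP_NET_BIND_SERVICE;
    if (syscall(SYS_capset, &hdr, data) < 0)
        return -errno;
    return 0;
}

/* Constructed stand-in for the client's PORT listener: 127.0.0.1 on an
 * ephemeral port, written to *port_out. Returns the listening fd or -errno. */
int loopback_listener(uint16_t *port_out)
{
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = 0 };
    socklen_t alen = sizeof a;
    int fd, err;

    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        return -errno;
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 ||
        getsockname(fd, (struct sockaddr *)&a, &alen) < 0 || listen(fd, 1) < 0) {
        err = errno;
        close(fd);
        return -err;
    }
    *port_out = ntohs(a.sin_port);
    return fd;
}

int main(void)
{
    uint16_t port;
    int ls = loopback_listener(&port), fd;

    if (ls < 0) {
        fprintf(stderr, "listener: %s\n", strerror(-ls));
        return 1;
    }
    if (geteuid() == 0) {   /* 65534 (nobody) stands in for the logged-in user */
        int r = drop_to_user_keeping_bind(65534, 65534);
        printf("switched to uid %d keeping CAP_NET_BIND_SERVICE: %s\n",
               (int)getuid(), r == 0 ? "ok" : strerror(-r));
    }
    fd = ftp_active_connect("127.0.0.1", FTP_DATA_PORT, "127.0.0.1", port);
    if (fd < 0)
        printf("uid %d: data connection from port %d failed: %s\n",
               (int)getuid(), FTP_DATA_PORT, strerror(-fd));
    else {
        printf("uid %d: data connection established from port %d\n",
               (int)getuid(), FTP_DATA_PORT);
        close(fd);
    }
    close(ls);
    return 0;
}
```

Run it once as an ordinary user and the bind to port 20 fails with EACCES, which is the whole reason ftpd cannot simply setuid to the client; run it as root and it drops to uid 65534, keeps only CAP_NET_BIND_SERVICE, and still completes the connection from port 20. Note that Linux also lets an administrator lower `net.ipv4.ip_unprivileged_port_start`, which is a different, coarser answer to the same problem, and that a real daemon would also guard against the client-supplied PORT address pointing at a third host.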