Re: svn commit: r228843 - head/contrib/telnet/libtelnet head/crypto/heimdal/appl/telnet/libtelnet head/include head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include head/lib/libc/net head/libexec...



On Thu, Dec 29, 2011 at 12:54:23PM -0800, Xin Li wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/29/11 12:46, Andrey Chernov wrote:
[...]
In case user (more precisely, ftpd) runs any program which resides
in /incoming/, nothing helps in anycase. In case ftpd runs known
programs from known locations only, it can't be overriden because
known program

No it doesn't run external programs.

I know)

So, there are two problems as result:
1) Wrong chroot() setup (i.e. all program and directories are owned by
user, not by root). The way to fight it is better explanation in both
chroot(2) and ftpd(8) man pages.

2) Loading .so from the current directory. This should be fixed in the
code by either calling rtld function or rtld env variable.

--
http://ache.vniz.net/
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"