Re: WU-FTPD, Solaris 8, anon user, chroot() question

From: Jan-Philip Velders (jpv@jpv.xs4all.nl)
Date: 11/16/01


Date: Fri, 16 Nov 2001 22:56:27 +0100 (CET)
From: Jan-Philip Velders <jpv@jpv.xs4all.nl>
To: Mansel P Bell <Mansel_P_Bell@raytheon.com>
Subject: Re: WU-FTPD, Solaris 8, anon user, chroot() question
Message-ID: <Pine.LNX.4.05.10111162214420.11715-100000@jp-gp.vsi.nl>


> Date: Fri, 16 Nov 2001 12:24:13 -0600
> From: Mansel P Bell <Mansel_P_Bell@raytheon.com>
> Subject: WU-FTPD, Solaris 8, anon user, chroot() question

> I am working on a anonymous-only wu-ftpd design and
> need some help with logging via syslog from within
> an anonymous user's chroot()ed home directory.

Ehm... you may need to clarify that the *daemon* itself is chrooted,
and will probably then perform a chroot into the anonymous-ftp space.

> Configuration info:
> [ ... ]
> - Successfully chroot()ed the Solaris 8 syslogd server:
> --> running from $CHROOT/usr/sbin/syslogd
> --> logging to $CHROOT/var/adm/messages
> - Successfully chroot()ed the wuftpd server:
> --> running from $CHROOT/sbin/in.ftpd
> --> getting anon ftp user info from $CHROOT/etc/passwd
> --> anon ftp user home of $CHROOT/home
> --> each anon class has home of $CHROOT/home/anon{1..N}
> --> all syslog() calls from the parent in.ftpd instance
> log fine to $CHROOT/var/adm/messages

> Problem:
> -------
> Once an anonymous user logs on, a new child process is
> forked, and the user is chroot()ed according to his/her
> anon class, all logging ceases for the child process
> b/c $CHROOT/home/anon{1..N}/var/run/syslog_door does not
> exist...the dreaded "syslog_door" problem all over again.
>
> Does anyone know how to deal with Solaris doors in this
> situation, short of rebuilding a version of syslog.o that
> uses /dev/log instead?

Ehm... I found something on the wu ftpd mailinglist, albeit for
Solaris 2.6 and 7 ...
http://www.landfield.com/wu-ftpd/mail-archive/wu-ftpd/1999/May/0027.html

They specify that the syslog_door is *not* used for logging, but for
finding out if a proces is still running (/var/run after all !).

Perhaps you could fiddle with placing some stuff in $CHROOT/dev ...

On a Solaris 8 E250:

bash-2.03: root / $ strings /usr/sbin/syslogd | egrep -i 'dev/[a-z]' | sort | uniq
/dev/console
/dev/log
/dev/sysmsg
bash-2.03: root / $ ls -al /dev/console /dev/sysmsg /dev/log
lrwxrwxrwx 1 root other 30 Feb 10 2001 /dev/console -> ../devices/pseudo/cn@0:console
lrwxrwxrwx 1 root other 27 Feb 10 2001 /dev/log -> ../devices/pseudo/log@0:log
lrwxrwxrwx 1 root other 33 Feb 10 2001 /dev/sysmsg -> ../devices/pseudo/sysmsg@0:sysmsg
bash-2.03: root / $ ls -al /devices/pseudo/cn@0:console
crw--w---- 1 root tty 0, 0 Nov 16 22:00 /devices/pseudo/cn@0:console
bash-2.03: root / $ ls -al /devices/pseudo/log@0:log
crw-r----- 1 root sys 21, 5 Feb 10 2001 /devices/pseudo/log@0:log
bash-2.03: root / $ ls -al /devices/pseudo/sysmsg@0:sysmsg
crw------- 1 root sys 97, 0 Nov 13 14:12 /devices/pseudo/sysmsg@0:sysmsg
bash-2.03: root / $ cat /etc/release
                           Solaris 8 s28_38shwp2 SPARC
           Copyright 2000 Sun Microsystems, Inc. All Rights Reserved.
                            Assembled 21 January 2000
                     Solaris 8 Maintenance Update 5 applied

> Does anyone otherwise have any ideas on how I can circumvent
> this problem in my design?

I think that your main problem is caused by your wu-ftp daemon process
running chroot. I'm guessing your main reason is to confine a remote
root-hole risk ?

Perhaps you should look at other ftp servers. Very well known are
ProFTPd and BeroFTPd. BeroFTPd has been recommended to me by various
people as an excellent choice for anon-ftp... And those people know
their security stuff ;)

> Any help is sincerely appreciated.
> -Mansel

Regards,
JP Velders



Relevant Pages

  • F-secure 3.0.1
    ... I 've got a problem by using the ssh-chrootmgr. ... I know there is problem with this utility under Solaris. ... chroot done but it exited just after the ... The sftp command works for a normal user which is not chrooted ...
    (comp.security.ssh)
  • Re: sftp-server logging under chroot & privilege separation
    ... The Solaris SSH does not give us the flexibility we want to ... + check that syslogd, syslog-ng, or whathaveyou is using that socket ... sftp-server logging under chroot & privilege separation ... check that the partition where the chroot directory resides is not ...
    (SSH)
  • Re: sftp queries
    ... into the system in Solaris 10? ... Correct me if I'm wrong that chroot is ... able to perform this but it requires openssh to be installed. ... will to install the openssh, what will happen to the ssh that comes ...
    (comp.unix.solaris)
  • Re: mount pset related pids to a different /proc fs mount point?
    ... > /proc has system wide process information. ... > multiple chroot environments, and a proccessor set for each chroot ... in a future Solaris release as an extension to the current Solaris ...
    (comp.unix.solaris)