svn commit: r211393 - head/lib/libutil

Attilio Rao attilio at freebsd.org
Thu Aug 19 14:36:46 UTC 2010


2010/8/16 Dag-Erling Smørgrav <des at des.no>:
> Dag-Erling Smørgrav <des at des.no> writes:
>> Note that this commit semi-intentionally introduces another bug: in some
>> cases, the user's limits will not be applied at all.  This is by far the
>> lesser of two evils, and is easy (albeit time-consuming) to fix.
>
> Specifically, each of the files listed below needs to be audited.  Those
> that already call setusercontext() with the LOGIN_SETUSER flag set are
> fine.  Those that don't need to do so either instead of or shortly after
> calling setuid().

[snip]

> --
> libexec/ftpd/ftpd.c:    setusercontext(NULL, getpwuid(0), 0,
> libexec/ftpd/ftpd.c-                   LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK|
> libexec/ftpd/ftpd.c-                   LOGIN_SETMAC);
> --
> libexec/ftpd/ftpd.c:    setusercontext(lc, pw, 0,
> libexec/ftpd/ftpd.c-            LOGIN_SETLOGIN|LOGIN_SETGROUP|LOGIN_SETPRIORITY|
> libexec/ftpd/ftpd.c-            LOGIN_SETRESOURCES|LOGIN_SETUMASK|LOGIN_SETMAC);

It seems to me that ftpd doesn't need any change, do you agree?

Thanks,
Attilio


-- 
Peace can only be achieved by understanding - A. Einstein
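
The audit described in the quoted message, sketched as an added example (not part of the original thread or of FreeBSD): it finds each setusercontext() call, multi-line ones included, and marks for manual review those whose flags argument does not end up containing LOGIN_SETUSER. The function names are hypothetical, the sample input is constructed from the two ftpd.c calls quoted above plus two hypothetical calls, and LOGIN_SETALL is treated as including LOGIN_SETUSER, as in FreeBSD's `<login_cap.h>`.

```python
import re

# Constructed sample: the two ftpd.c calls quoted in the thread, followed by
# two hypothetical calls that exercise LOGIN_SETALL masking and LOGIN_SETUSER.
SAMPLE = '''
    setusercontext(NULL, getpwuid(0), 0,
                   LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK|
                   LOGIN_SETMAC);
    setusercontext(lc, pw, 0,
            LOGIN_SETLOGIN|LOGIN_SETGROUP|LOGIN_SETPRIORITY|
            LOGIN_SETRESOURCES|LOGIN_SETUMASK|LOGIN_SETMAC);
    if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETALL & ~LOGIN_SETUSER) != 0)
    setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER|LOGIN_SETGROUP);
'''

MASK = re.compile(r'~\s*(\([^()]*\)|\w+)')  # "~FLAG" or "~(A|B)"

def find_calls(src):
    """Yield (line_no, argument_text) per call by matching parentheses.
    Parentheses inside strings or comments are not handled."""
    for m in re.finditer(r'\bsetusercontext\s*\(', src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {'(': 1, ')': -1}.get(src[i], 0)
            i += 1
        yield src.count('\n', 0, m.start()) + 1, src[m.end():i - 1]

def split_args(text):
    """Split on commas that are not nested inside parentheses."""
    args, depth, cur = [], 0, ''
    for ch in text:
        if ch == ',' and depth == 0:
            args.append(cur.strip())
            cur = ''
        else:
            depth += {'(': 1, ')': -1}.get(ch, 0)
            cur += ch
    return args + [cur.strip()]

def sets_user(flags):
    """True if the flag expression keeps LOGIN_SETUSER after ~ masking."""
    masked = ' '.join(MASK.findall(flags))
    kept = MASK.sub('', flags)
    if re.search(r'\bLOGIN_SETUSER\b', kept):
        return True
    return bool(re.search(r'\bLOGIN_SETALL\b', kept)) and 'LOGIN_SETUSER' not in masked

def audit(src):
    """Return (line, 'ok' | 'review', flags) for every setusercontext() call."""
    return [(line, 'ok' if sets_user(f) else 'review', f)
            for line, text in find_calls(src)
            for f in [''.join(split_args(text)[-1].split())]]
```

A `review` verdict only means the call does not pass LOGIN_SETUSER; whether the surrounding code needs a change is the manual part of the audit the thread is discussing.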

