ftpd security issue ?
eugen at grosbein.pp.ru
Fri Dec 9 12:30:16 UTC 2011
09.12.2011 19:24, gabor at zahemszky.hu пишет:
> On Fri, 09 Dec 2011 15:39:15 +0700, Eugene Grosbein wrote:
>> 09.12.2011 15:25, Xin LI пишет:
>>> On Fri, Dec 9, 2011 at 12:04 AM, <gabor at zahemszky.hu> wrote:
>>>> Are the following steps enough to prevent me?
>>>> # for user in user1 user2 .... ; do
>>>> mkdir -p ~$user/lib ~$user/usr/lib ~$user/etc
>>>> chflags sunlink,schg ~$user/lib ~$user/usr ~$user/usr/lib
>>> Yes that should be sufficient workaround.
>> Why /lib and /usr/lib only?
> ??? /lib, /usr/lib and /etc.
> Which directory is missing?
I do not know and therefore, ask.
What guarantees that no other directory may be used to load a library from?
More information about the freebsd-security