ftpd security issue ?
Jamie Landeg Jones
jamie at bishopston.net
Mon Dec 12 00:52:48 UTC 2011
> > Are the following steps enough to prevent me?
> > # for user in user1 user2 .... ; do
> > mkdir -p ~$user/lib ~$user/usr/lib ~$user/etc
> > chflags sunlink,schg ~$user/lib ~$user/usr ~$user/usr/lib ~$user/etc
> > done
> > #
> Yes that should be sufficient workaround.
I'd modify that to also check that the directories don't already exist,
and delete/rename them if they do.
Currently, (if you ignore error messages) your script will not fix users
who already potentially exploit the issue.
More information about the freebsd-security