svn commit: r228843 - head/contrib/telnet/libtelnet head/crypto/heimdal/appl/telnet/libtelnet head/include head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include head/lib/libc/net head/libexec...

Andrey Chernov ache at FreeBSD.ORG
Thu Dec 29 21:02:03 UTC 2011

On Thu, Dec 29, 2011 at 12:54:23PM -0800, Xin Li wrote:
> Hash: SHA1
> On 12/29/11 12:46, Andrey Chernov wrote:
> [...]
> > In case user (more precisely, ftpd) runs any program which resides
> > in /incoming/, nothing helps in anycase. In case ftpd runs known
> > programs from known locations only, it can't be overriden because
> > known program
> No it doesn't run external programs.

I know)

So, there are two problems as result:
1) Wrong chroot() setup (i.e. all program and directories are owned by 
user, not by root). The way to fight it is better explanation in both 
chroot(2) and ftpd(8) man pages.

2) Loading .so from the current directory. This should be fixed in the 
code by either calling rtld function or rtld env variable.


More information about the freebsd-security mailing list