svn commit: r228843 - head/contrib/telnet/libtelnet head/crypto/heimdal/appl/telnet/libtelnet head/include head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include head/lib/libc/net head/libexec...

Andrey Chernov ache at FreeBSD.ORG
Thu Dec 29 21:30:44 UTC 2011

On Thu, Dec 29, 2011 at 04:17:04PM -0500, John Baldwin wrote:
> Presumably one could do a static ls.  Even with the built-in ls we
> create a dummy passwd/group file for the anonymous chroot by default.
> I agree a built-in ls is strictly better, however.  I would also be
> fine with removing all notion of execv for helper programs from ftpd
> and have it only ever use the built-in ls via ftpd_popen().

Don't think about our ftpd only. Other ones calls date(1), tar(1), etc.

> However,
> I do think that this mostly falls down to creating "safe" chroot / jail
> areas rather than the OS being able to defend unsafe areas.

I agree. We can describe safe way better in our documentation, but can't 
prevent foot shooting without penalty for "good" admins. Bad example is M$ 
Windows which tries to prevent foot shooting from _inside_ the system by 
greedy and annoying permanent antivirus monitoring.


More information about the freebsd-security mailing list