svn commit: r228843 - head/contrib/telnet/libtelnet
head/crypto/heimdal/appl/telnet/libtelnet head/include head/lib/libc/gen
head/lib/libc/iconv head/lib/libc/include head/lib/libc/net head/libexec...
Andrey Chernov
ache at FreeBSD.ORG
Thu Dec 29 21:30:44 UTC 2011
On Thu, Dec 29, 2011 at 04:17:04PM -0500, John Baldwin wrote:
> Presumably one could do a static ls. Even with the built-in ls we
> create a dummy passwd/group file for the anonymous chroot by default.
> I agree a built-in ls is strictly better, however. I would also be
> fine with removing all notion of execv for helper programs from ftpd
> and have it only ever use the built-in ls via ftpd_popen().
Don't think about our ftpd only. Other ones calls date(1), tar(1), etc.
> However,
> I do think that this mostly falls down to creating "safe" chroot / jail
> areas rather than the OS being able to defend unsafe areas.
I agree. We can describe safe way better in our documentation, but can't
prevent foot shooting without penalty for "good" admins. Bad example is M$
Windows which tries to prevent foot shooting from _inside_ the system by
greedy and annoying permanent antivirus monitoring.
--
http://ache.vniz.net/
More information about the freebsd-security
mailing list