ftpd: change_identity() must be after chroot()

Otherwise chroot() doesn't work for non-root

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko 2015-03-31 21:46:26 +02:00
parent 379e8e81af
commit 9472e8a86f

View File

@ -1116,6 +1116,9 @@ int ftpd_main(int argc, char **argv)
int ftpd_main(int argc UNUSED_PARAM, char **argv)
#endif
{
#if ENABLE_FEATURE_FTP_AUTHENTICATION
struct passwd *pw = NULL;
#endif
unsigned abs_timeout;
unsigned verbose_S;
smallint opts;
@ -1193,12 +1196,8 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
signal(SIGALRM, timeout_handler);
#if ENABLE_FEATURE_FTP_AUTHENTICATION
{
struct passwd *pw = NULL;
while (1) {
uint32_t cmdval = cmdio_get_cmd_and_arg();
if (cmdval == const_USER) {
pw = getpwnam(G.ftp_arg);
cmdio_write_raw(STR(FTP_GIVEPWORD)" Please specify password\r\n");
@ -1215,8 +1214,6 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
cmdio_write_raw(STR(FTP_LOGINERR)" Login with USER and PASS\r\n");
}
}
change_identity(pw);
}
WRITE_OK(FTP_LOGINOK);
#endif
@ -1233,6 +1230,10 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
xchroot(argv[0]);
}
#if ENABLE_FEATURE_FTP_AUTHENTICATION
change_identity(pw);
#endif
/* RFC-959 Section 5.1
* The following commands and options MUST be supported by every
* server-FTP and user-FTP, except in cases where the underlying