ftpd: make DIR parameter work for non-root too: chdir to it instead of chroot
Unfortunately, chroot() works only for the root user, because of attacks on setuid binaries (make DIR/lib/ld-linux.so a shell, hardlink to a setuid binary, chroot to DIR, execute it and get root shell).

function                                             old     new   delta
ftpd_main                                           2160    2180     +20

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
parent
bf74fb4497
commit
f7ad927c20
@ -1223,11 +1223,26 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
#endif
|
#endif
|
||||||
argv += optind;
|
argv += optind;
|
||||||
if (argv[0]) {
|
if (argv[0]) {
|
||||||
|
const char *basedir = argv[0];
|
||||||
#if !BB_MMU
|
#if !BB_MMU
|
||||||
G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY);
|
G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY);
|
||||||
close_on_exec_on(G.root_fd);
|
close_on_exec_on(G.root_fd);
|
||||||
#endif
|
#endif
|
||||||
xchroot(argv[0]);
|
if (chroot(basedir) == 0)
|
||||||
|
basedir = "/";
|
||||||
|
#if !BB_MMU
|
||||||
|
else {
|
||||||
|
close(G.root_fd);
|
||||||
|
G.root_fd = -1;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
/*
|
||||||
|
* If chroot failed, assume that we aren't root,
|
||||||
|
* and at least chdir to the specified DIR
|
||||||
|
* (older versions were dying with error message).
|
||||||
|
* If chroot worked, move current dir to new "/":
|
||||||
|
*/
|
||||||
|
xchdir(basedir);
|
||||||
}
|
}
|
||||||
|
|
||||||
#if ENABLE_FEATURE_FTP_AUTHENTICATION
|
#if ENABLE_FEATURE_FTP_AUTHENTICATION
|
||||||
|
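Review bot: The fallback after `if (chroot(basedir) == 0)` is taken on every chroot() failure, not only the EPERM an unprivileged caller gets, so a root-started ftpd whose chroot() fails for another reason could carry on after a plain `xchdir(basedir)` with no confinement and nothing logged. I would test errno straight after the call and keep the old fatal behaviour for anything else, e.g. `else if (errno != EPERM) bb_perror_msg_and_die("can't chroot to '%s'", basedir);`, placed ahead of the `#if !BB_MMU` cleanup so that close() cannot disturb errno. A warning on the EPERM path would also help operators notice the downgrade. The block comment should say that in the non-root case DIR is only the starting directory, not a confinement boundary; whether client-supplied paths are restricted to it is decided outside this hunk, since ftpd_main's body starts and ends beyond the lines shown.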