> Thank you! I have pushed this to git. Next time, please run 'make
> syntax-check' to check your patches (code indentation caused troubles
> now, but I fixed it) and feel free to include the NEWS blurb in the git
> patch itself.
>
Thank you. I will.
> I'll reach out to the netbsd-tnftpd
Jeffrey writes:
> Patch attached.
Thank you! I have pushed this to git. Next time, please run 'make
syntax-check' to check your patches (code indentation caused troubles
now, but I fixed it) and feel free to include the NEWS blurb in the git
patch itself.
I'll reach out to the netbsd-tnftpd
Patch attached.
Not sure what should be a headline or not in NEWS (release numbers etc.).
Find below a proposal for such entry:
** ftpd, rcp, rlogin, rsh, rshd, uucpd
*** Avoid potential privilege escalations due to absence of checking
set*id() return values.
Reported by Jeffrey Bencteux in <
Jeffrey writes:
> I found more occurrences of unchecked values for set*id() functions in other
> inetutils programs: ftpd, rcp.
>
> It has different security impact if it can be triggered:
>
> * rcp: local privilege escalation to the user running the binary
> * ftpd: undefined behaviour without
Thank you Jeffrey, have you signed the copyright assignment form? I'll
email it to you privately.
/Simon
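Added example, not part of the thread and not the inetutils patch: the pattern the NEWS entry above describes, a privilege drop that treats any set*id() failure as fatal instead of continuing with the old identity. The helper name drop_privileges() is hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (an assumption, not inetutils code).
 * Returns 0 only if the process now runs as uid/gid and cannot take
 * its previous identity back; returns -1 on any failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    uid_t old_euid = geteuid();
    gid_t old_egid = getegid();

    /* Group first: after the uid is dropped, setgid() is no longer
     * permitted. A real daemon would also clear supplementary groups. */
    if (setgid(gid) != 0) {
        fprintf(stderr, "setgid(%ld): %s\n", (long) gid, strerror(errno));
        return -1;
    }
    /* setuid() can fail (EPERM, EAGAIN); ignoring that leaves the
     * process running with the identity it was supposed to give up. */
    if (setuid(uid) != 0) {
        fprintf(stderr, "setuid(%ld): %s\n", (long) uid, strerror(errno));
        return -1;
    }
    /* Confirm the change really took effect on real and effective ids. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    /* If we moved to a different non-root identity, going back must fail. */
    if (uid != 0 && old_euid != uid && setuid(old_euid) == 0)
        return -1;
    if (uid != 0 && old_egid != gid && setgid(old_egid) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed demo: "drop" to the ids we already have. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "refusing to continue without dropped privileges\n");
        return 1;
    }
    puts("privileges dropped");
    return 0;
}
```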
I found more occurrences of unchecked values for set*id() functions in other
inetutils programs: ftpd, rcp.
It has different security impact if it can be triggered:
* rcp: local privilege escalation to the user running the binary
* ftpd: undefined behaviour without privilege escalation as all