Re: ftp(1): anonymous login and .netrc

2017-01-09 Thread Vadim Zhukov 
2017-01-04 11:51 GMT+03:00 Anton Lindqvist :
> I'm running a script as root which drops privileges while fetching files
> using ftp(1) with anonymous login enabled:
>
> # doas -u unpriv ftp -a URL
>
> ... and was surprised to see the following error:
>
> ftp: /root/.netrc: Permission denied
>
> I'm not sure if the .netrc file should be considered when anonymous
> login is enabled. If not, here's a patch:
>
> Index: util.c
> ===
> RCS file: /cvs/src/usr.bin/ftp/util.c,v
> retrieving revision 1.81
> diff -u -p -r1.81 util.c
> --- util.c  20 Aug 2016 20:18:42 -  1.81
> +++ util.c  3 Jan 2017 20:19:16 -
> @@ -221,7 +221,7 @@ ftp_login(const char *host, char *user,
> struct passwd *pw;
>
>  #ifndef SMALL
> -   if (user == NULL) {
> +   if (user == NULL && !anonftp) {
> if (ruserpass(host, &user, &pass, &acctname) < 0) {
> code = -1;
> return (0);
>

The diff looks like correct to me, okay@ for anyone willing to commit.

--
  WBR,
  Vadim Zhukov

ftp(1): anonymous login and .netrc

2017-01-04 Thread Anton Lindqvist 
I'm running a script as root which drops privileges while fetching files
using ftp(1) with anonymous login enabled:

# doas -u unpriv ftp -a URL

... and was surprised to see the following error:

ftp: /root/.netrc: Permission denied

I'm not sure if the .netrc file should be considered when anonymous
login is enabled. If not, here's a patch:

Index: util.c
===
RCS file: /cvs/src/usr.bin/ftp/util.c,v
retrieving revision 1.81
diff -u -p -r1.81 util.c
--- util.c  20 Aug 2016 20:18:42 -  1.81
+++ util.c  3 Jan 2017 20:19:16 -
@@ -221,7 +221,7 @@ ftp_login(const char *host, char *user, 
struct passwd *pw;
 
 #ifndef SMALL
-   if (user == NULL) {
+   if (user == NULL && !anonftp) {
if (ruserpass(host, &user, &pass, &acctname) < 0) {
code = -1;
return (0);