CVS commit: [netbsd-8] src/libexec/ftpd

[Martin Husemann]

Module Name:    src
Committed By:   martin
Date:           Tue Oct  3 10:05:06 UTC 2023

Modified Files:
        src/libexec/ftpd [netbsd-8]: ftpd.c

Log Message:
Pull up following revision(s) (requested by lukem in ticket #1902):

        libexec/ftpd/ftpd.c: revision 1.206

Treat failed chdir/chroot for guest and chroot accounts as fatal.

Also treat failed set{e,}(u,g}id calls as fatal.

Addresses CVE-2020-7468, via FreeBSD.


To generate a diff of this commit:
cvs rdiff -u -r1.203.6.2 -r1.203.6.3 src/libexec/ftpd/ftpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.203.6.2 src/libexec/ftpd/ftpd.c:1.203.6.3
--- src/libexec/ftpd/ftpd.c:1.203.6.2	Tue Oct  3 10:03:24 2023
+++ src/libexec/ftpd/ftpd.c	Tue Oct  3 10:05:06 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: ftpd.c,v 1.203.6.2 2023/10/03 10:03:24 martin Exp $	*/
+/*	$NetBSD: ftpd.c,v 1.203.6.3 2023/10/03 10:05:06 martin Exp $	*/
 
 /*
  * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
 #if 0
 static char sccsid[] = "@(#)ftpd.c	8.5 (Berkeley) 4/28/95";
 #else
-__RCSID("$NetBSD: ftpd.c,v 1.203.6.2 2023/10/03 10:03:24 martin Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.203.6.3 2023/10/03 10:05:06 martin Exp $");
 #endif
 #endif /* not lint */
 
@@ -1547,8 +1547,7 @@ do_pass(int pass_checked, int pass_rval,
 			    "GUEST user %s: can't chdir to %s: %m",
 			    pw->pw_name, homedir);
  bad_guest:
-			reply(550, "Can't set guest privileges.");
-			goto bad;
+			fatal("Can't set guest privileges.");
 		}
 		break;
 	case CLASS_CHROOT:
@@ -1571,8 +1570,7 @@ do_pass(int pass_checked, int pass_rval,
 			    "CHROOT user %s: can't chdir to %s: %m",
 			    pw->pw_name, homedir);
  bad_chroot:
-			reply(550, "Can't change root.");
-			goto bad;
+			fatal("Can't change root.");
 		}
 		break;
 	case CLASS_REAL:
@@ -1618,16 +1616,16 @@ do_pass(int pass_checked, int pass_rval,
 		dropprivs++;
 		if (setgid((gid_t)pw->pw_gid) < 0) {
 			reply(550, "Can't set gid.");
-			goto bad;
+			goto bad_perms;
 		}
 		if (setuid((uid_t)pw->pw_uid) < 0) {
 			reply(550, "Can't set uid.");
-			goto bad;
+			goto bad_perms;
 		}
 	} else {
 		if (seteuid((uid_t)pw->pw_uid) < 0) {
 			reply(550, "Can't set uid.");
-			goto bad;
+			goto bad_perms;
 		}
 	}
 	setenv("HOME", homedir, 1);
@@ -1686,6 +1684,11 @@ do_pass(int pass_checked, int pass_rval,
 #endif
 			/* Forget all about it... */
 	end_login();
+	return;
+
+bad_perms:
+	syslog(LOG_NOTICE, "user %s: can't setuid/gid: %m", pw->pw_name);
+	fatal("Can't drop privileges.");
 }
 
 void