ftpd

Christos Zoulas Sat, 03 Jul 2021 08:04:17 -0700

Module Name:    src
Committed By:   christos
Date:           Sat Jul  3 14:59:49 UTC 2021


Modified Files:
        src/libexec/ftpd: ftpd.c

Log Message:
Treat failed chdir/chroot for guest and chroot accounts as fatal.
Also treat failed set{e,}(u,g}id calls as fatal.
Addresses CVE-2020-7468, via FreeBSD.


To generate a diff of this commit:
cvs rdiff -u -r1.205 -r1.206 src/libexec/ftpd/ftpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.205 src/libexec/ftpd/ftpd.c:1.206
--- src/libexec/ftpd/ftpd.c:1.205	Tue Oct 15 14:29:32 2019
+++ src/libexec/ftpd/ftpd.c	Sat Jul  3 10:59:49 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: ftpd.c,v 1.205 2019/10/15 18:29:32 christos Exp $	*/
+/*	$NetBSD: ftpd.c,v 1.206 2021/07/03 14:59:49 christos Exp $	*/
 
 /*
  * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
 #if 0
 static char sccsid[] = "@(#)ftpd.c	8.5 (Berkeley) 4/28/95";
 #else
-__RCSID("$NetBSD: ftpd.c,v 1.205 2019/10/15 18:29:32 christos Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.206 2021/07/03 14:59:49 christos Exp $");
 #endif
 #endif /* not lint */
 
@@ -1547,8 +1547,7 @@ do_pass(int pass_checked, int pass_rval,
 			    "GUEST user %s: can't chdir to %s: %m",
 			    pw->pw_name, homedir);
  bad_guest:
-			reply(550, "Can't set guest privileges.");
-			goto bad;
+			fatal("Can't set guest privileges.");
 		}
 		break;
 	case CLASS_CHROOT:
@@ -1571,8 +1570,7 @@ do_pass(int pass_checked, int pass_rval,
 			    "CHROOT user %s: can't chdir to %s: %m",
 			    pw->pw_name, homedir);
  bad_chroot:
-			reply(550, "Can't change root.");
-			goto bad;
+			fatal("Can't change root.");
 		}
 		break;
 	case CLASS_REAL:
@@ -1618,16 +1616,16 @@ do_pass(int pass_checked, int pass_rval,
 		dropprivs++;
 		if (setgid((gid_t)pw->pw_gid) < 0) {
 			reply(550, "Can't set gid.");
-			goto bad;
+			goto bad_perms;
 		}
 		if (setuid((uid_t)pw->pw_uid) < 0) {
 			reply(550, "Can't set uid.");
-			goto bad;
+			goto bad_perms;
 		}
 	} else {
 		if (seteuid((uid_t)pw->pw_uid) < 0) {
 			reply(550, "Can't set uid.");
-			goto bad;
+			goto bad_perms;
 		}
 	}
 	setenv("HOME", homedir, 1);
@@ -1686,6 +1684,11 @@ do_pass(int pass_checked, int pass_rval,
 #endif
 			/* Forget all about it... */
 	end_login();
+	return;
+
+bad_perms:
+	syslog(LOG_NOTICE, "user %s: can't setuid/gid: %m", pw->pw_name);
+	fatal("Can't drop privileges.");
 }
 
 void

CVS commit: src/libexec/ftpd

Reply via email to