Bugtraq mailing list archives
Re: wu-ftpd info.
From: spaf () cs purdue edu (Gene Spafford)
Date: Wed, 13 Apr 94 13:28:44 -0500

Principal problem is that the chrooted environment is only for anonymous ftp. If I ftp in to a user account, it lets me do that and it does *not* chroot the directory. The hazards should be obvious.

Add to that the fact that even in a chrooted directory under anonymous ftp, getting on as a privileged user can be dangerous -- the files are accessible from the regular file systems (e.g., user accounts). For instance:

    attacker uses ftp to create suid-root shell in ftp directory
    attacker logs in as user foo (bin, uucp, etc) and executes suid shell from ftp directory
    attacker romps

--spaf
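
Added example, not part of the original message: a defender's audit of an FTP area for the two conditions the scenario above depends on, set-uid/set-gid files inside the tree and directories that group or other can write into. The function names and the path passed on the command line are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an FTP tree.
# Usage (assumed script name): sh audit_ftp.sh /path/to/ftp/root

# Print set-uid / set-gid regular files under the tree, one per line.
find_setid_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# Print directories writable by group or other, i.e. places where an
# uploaded file could land.
find_writable_dirs() {
    find "$1" -xdev -type d \( -perm -0020 -o -perm -0002 \) -print 2>/dev/null
}

# Report findings with a tag per line; return 1 if anything was found,
# 0 if the tree is clean.
audit_ftp_tree() {
    root=$1
    status=0
    setid=$(find_setid_files "$root")
    writable=$(find_writable_dirs "$root")
    if [ -n "$setid" ]; then
        printf '%s\n' "$setid" | sed 's/^/SETID    /'
        status=1
    fi
    if [ -n "$writable" ]; then
        printf '%s\n' "$writable" | sed 's/^/WRITABLE /'
        status=1
    fi
    return $status
}

# Run the audit only when a path is given on the command line.
if [ $# -ge 1 ]; then
    audit_ftp_tree "$1"
fi
```

Mounting the FTP area with the nosuid option makes the kernel ignore set-id bits on files stored there, which removes the effect of a file this audit would flag.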