proftpd non-root patch

[lamagra () HACKERMAIL NET (Lamagra Argamal)]

When a proftpd server is running on a high port (> 1024), it doesn't need root priviledges anymore to bind a 
dataconnection to the ftpport-1. My patch checks for this and drops uid 0 after authentication.

The next snippets are from my proftp-1.2 running on port 2021.
<-snip->
[root@bubbles proftpd-1.2]# ps uax|grep proftpd
lamagra    490  1.5  1.0  1376  1008  ?  S    09:28   0:00 proftpd: lamagra - lo
nobody     487  0.0  0.8  1356   776  ?  S    09:28   0:00 proftpd (accepting co
[root@bubbles proftpd-1.2]# grep Uid /proc/490/status
Uid:    500     500     500     500
[root@bubbles proftpd-1.2]# grep Gid /proc/490/status
Gid:    500     500     500     500
<-snap->

As you can see it runs fully without priviledges after authenctication.

---> If you don't like non-standard things, stop reading here <--

My patch also includes an extra option: by setting the option "NonrootServer" on in the configfile of proftpd, it 
doesn't use ftpport-1 as a dataport. It becomes replaced with a dynamicly assigned (by the kernel) port, these are
high ports. If this feature is selected all priviledges are dropped after authentication. As seen in the next snippet.

<-snip->
tcp        1      0 localhost:1285          localhost:1284          TIME_WAIT
This is the dataconnection binded to a high port.

ftp        527  0.0  0.8  1396   848  ?  S    09:31   0:00 proftpd: ftp - localh
Uid:    14      14      14      14

In proftpd.conf:
NonrootServer                   on
<-snap->
I don't see any problems with this except that the rfc says ftpport-1. If anyone can see a problem, please contact me 
as I'd like to know.

-lamagra
http://lamagra.seKure.de

Send someone a cool Dynamitemail flashcard greeting!! And get rewarded.
GO AHEAD! http://cards.dynamitemail.com/index.php3?rid=fc-41

<HR NOSHADE>
<UL>
<LI>application/octet-stream attachment: proftp.patch
</UL>