Bugtraq mailing list archives
Re: ftpd: the advisory version
From: okir () CALDERA DE (Olaf Kirch)
Date: Tue, 27 Jun 2000 22:16:29 +0200
On Mon, Jun 26, 2000 at 03:48:22PM -0400, Jim Knoble wrote:
> Circa 2000-Jun-24 09:17:56 -0000, Lamagra Argamal wrote:
> : Couldn't you change it to bind to [port 20] at startup.
No. Remember that the whole point of the exercise is that, in response to a PORT command, ftpd creates a TCP connection *to* the client host. Assume you create a socket, and bind it to port 20. Then you can use it exactly _once_ in a data connection, because you need to connect() to the address/port specified by the client. After the connection is torn down, the socket is dead, you can't reuse it (and if your Unix flavor allows reconnecting that socket to some other address it's got a serious security problem).
> D.J. Bernstein's 'publicfile' anonymous FTP server + HTTP server does exactly this, as well as chrooting to a restricted area.
No. Quoting from the web page:

* The publicfile FTP server uses local ports above 1024 for PORT connections.

I.e. publicfile is able to drop root privs because it stops using port 20 when creating data connections in response to a PORT command. It's against the spec but works with most clients.

FWIW, note that wu-ftpd wants to retain saved root privs for other reasons as well. E.g. you can make it play silly tricks with file ownership of uploaded files so you can keep people from turning your /incoming into a warez site. Nothing you couldn't achieve by other means as well, but it's something to keep in mind before starting to butcher it :-)

Olaf
--
Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
okir () monad swb de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir () caldera de    +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.
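As an added illustration (not code from this thread or from any ftpd), the C program below shows the single-use behaviour the reply describes: a TCP socket that has been bound and connected once gets EISCONN on a second plain connect(). Assumptions: two loopback listeners stand in for the address/port pairs sent in PORT commands, a kernel-chosen local port stands in for port 20 so no root is needed, and all function names are hypothetical.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

static void close_fd(int fd) { if (fd >= 0) close(fd); }

/* Loopback address with the given port (0 = let the kernel choose). */
static struct sockaddr_in loopback(unsigned short port)
{
    struct sockaddr_in a;
    memset(&a, 0, sizeof(a));
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    a.sin_port = htons(port);
    return a;
}

/* Listener standing in for the address/port a client sent in PORT. */
static int make_listener(struct sockaddr_in *addr)
{
    socklen_t len = sizeof(*addr);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    *addr = loopback(0);
    if (fd >= 0 && bind(fd, (struct sockaddr *)addr, len) == 0 &&
        listen(fd, 1) == 0 &&
        getsockname(fd, (struct sockaddr *)addr, &len) == 0)
        return fd;
    close_fd(fd);
    return -1;
}

/* Bind once, connect() twice. Port 0 stands in for port 20 (no root needed).
 * Returns errno of the 2nd connect(), 0 if it succeeded, -1 on setup failure. */
int second_connect_errno(void)
{
    struct sockaddr_in local = loopback(0), peer1, peer2;
    int l1 = make_listener(&peer1), l2 = make_listener(&peer2);
    int data = socket(AF_INET, SOCK_STREAM, 0), result = -1;
    if (l1 >= 0 && l2 >= 0 && data >= 0 &&
        bind(data, (struct sockaddr *)&local, sizeof(local)) == 0 &&
        connect(data, (struct sockaddr *)&peer1, sizeof(peer1)) == 0)
        result = connect(data, (struct sockaddr *)&peer2, sizeof(peer2)) ? errno : 0;
    close_fd(data); close_fd(l1); close_fd(l2);
    return result;
}

int main(void) { return second_connect_errno() == EISCONN ? 0 : 1; }
```

The program exits 0 when the second connect() is refused with EISCONN. With a real port 20, each new data socket would need another privileged bind(), which is why a server that wants that source port keeps the ability to regain root.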