On Tue, 11 May 1999, David Priebe wrote:

> How does the modified ftpd restrict users to their home directory??

Source code modifications - no one can retrieve anything above their home directory, I think, and they have to be the owner of a file in order to retrieve it.

> However when I test logging in with root, I can cd to any location I want.

That's odd - I don't remember seeing anything in the code to make root a special case.

> Does ftpd check the directory permissions?? Or does it modify the root
> location for csuite users??

Stock wu-ftpd does a lot of switching back and forth between root and the logged-in user, so that the user can't do anything UNIX directory permissions wouldn't let them do. The CSuite 1.0 wu-ftpd does some more checks to hide information (so that they can't download a file not owned by them even if UNIX would allow it).

The new wu-ftpd mods we put together to allow IPs to FTP documents in and out on CCN are in between. Now you can either be the owner of a file/directory or a member of its group. Anything else isn't available to you. I spent some time faking LIST responses, etc. to hide information better - it should be pretty hard just to find out whether a file you don't own exists, if you can't read its parent directory.

> Should I be checking the permissions on all of my sub-directories to make
> sure that there isn't any set wrong??

That's always a good idea.

> ex: what if I have a directory under /home/support/subdir that has wide open
> permissions?? Will they have access to this area if they know the location?

If /home/support/subdir is world searchable, then yes, but not by FTP, or Lynx with the CSuite restrictions. I think Pine *might* in some cases be forced to look there.
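The owner-or-group rule and the information hiding described in the message above, as an added C sketch; it is not wu-ftpd or CSuite code and is not part of the original post. The function names, the choice of 150/550 as reply codes, and the sample uid/gid values are assumptions, and paths are assumed to be already canonicalized (for example with realpath(3)).

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* 1 if canonical `path` is `home` or below it. A bare prefix match would
   wrongly let /home/support2 pass for a home of /home/support. */
static int under_home(const char *home, const char *path)
{
    size_t n = strlen(home);
    if (home[0] != '/' || path[0] != '/')
        return 0;                             /* absolute paths only */
    while (n > 1 && home[n - 1] == '/')
        n--;                                  /* ignore trailing slashes */
    if (strncmp(home, path, n) != 0)
        return 0;
    return n == 1 || path[n] == '\0' || path[n] == '/';
}

/* 1 if uid owns the object or one of the user's groups is its group.
   No uid is treated specially in this sketch (an assumption). */
static int owner_or_group(const struct stat *st, uid_t uid,
                          const gid_t *groups, size_t ngroups)
{
    if (st->st_uid == uid)
        return 1;
    for (size_t i = 0; i < ngroups; i++)
        if (groups[i] == st->st_gid)
            return 1;
    return 0;
}

/* Reply code for a retrieve request; st == NULL means stat() failed.
   Refused and nonexistent both give 550, so the reply does not reveal
   whether a file the user may not have exists. */
static int retr_reply(const char *home, const char *path,
                      const struct stat *st, uid_t uid,
                      const gid_t *groups, size_t ngroups)
{
    if (st == NULL || !under_home(home, path) ||
        !owner_or_group(st, uid, groups, ngroups))
        return 550;
    return 150;
}

int main(void)
{
    struct stat st;                           /* constructed sample values */
    gid_t groups[] = { 100 };
    memset(&st, 0, sizeof st);
    st.st_uid = 2000; st.st_gid = 100;
    printf("%d\n", retr_reply("/home/support", "/home/support/subdir/f",
                              &st, 1001, groups, 1));
    return 0;
}
```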