ftpd authentication [PATCH] ftpd: NOMMU/chroot fix
Denys Vlasenko
vda.linux at googlemail.com
Fri Jun 27 11:55:26 UTC 2014
On Fri, Jun 27, 2014 at 1:46 PM, Morten Kvistgaard
<MK at pch-engineering.dk> wrote:
> A small detail, why do you check if the root_fd is valid? Eg.
>
> ...
> if (G.root_fd >= 0) {
> ...
>
> It shouldn't be possible for it to be invalid and the old code didn't validate it either.
I added this in the next patch:
#if !BB_MMU
- G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY);
- close_on_exec_on(G.root_fd);
+ G.root_fd = -1;
#endif
argv += optind;
if (argv[0]) {
+#if !BB_MMU
+ G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY);
+ close_on_exec_on(G.root_fd);
+#endif
xchroot(argv[0]);
}
This way we avoid "chroot jailbreak" games when it is not necessary
(i.e. if ftpd is run without DIR parameter).
More information about the busybox
mailing list