authorTom Yu <tlyu@mit.edu>1998-02-25 02:36:21 +0000
committerTom Yu <tlyu@mit.edu>1998-02-25 02:36:21 +0000
commit54d3e6cd146b36fe94f6e2bbe46b1604e6801b8f (patch)
tree0738fc14f0e1f80f1a381c2c6736df992257ec73 /src
parent0c1b302362748e639f4f8230d934c71b2452f52e (diff)
* ftpcmd.y: Add production "nonguest" to catch things that
anonymous users aren't supposed to do. Replace "check_login" with "nonguest" in a few places to prevent w4r3z d00dz from being lame with world-writable incoming directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10473 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r--src/appl/gssftp/ftpd/ChangeLog7
-rw-r--r--src/appl/gssftp/ftpd/ftpcmd.y20
2 files changed, 22 insertions, 5 deletions
diff --git a/src/appl/gssftp/ftpd/ChangeLog b/src/appl/gssftp/ftpd/ChangeLog
index 9f088a37d..c9a30e597 100644
--- a/src/appl/gssftp/ftpd/ChangeLog
+++ b/src/appl/gssftp/ftpd/ChangeLog
@@ -1,3 +1,10 @@
+Tue Feb 24 21:34:34 1998 Tom Yu <tlyu@mit.edu>
+
+ * ftpcmd.y: Add production "nonguest" to catch things that
+ anonymous users aren't supposed to do. Replace "check_login" with
+ "nonguest" in a few places to prevent w4r3z d00dz from being
+ lame with world-writable incoming directories.
+
Sun Feb 22 19:37:07 1998 Tom Yu <tlyu@mit.edu>
* ftpd.c: Use krb5_seteuid() and krb5_setegid(). [krb5-libs/505]
diff --git a/src/appl/gssftp/ftpd/ftpcmd.y b/src/appl/gssftp/ftpd/ftpcmd.y
index c014f35b2..0da118894 100644
--- a/src/appl/gssftp/ftpd/ftpcmd.y
+++ b/src/appl/gssftp/ftpd/ftpcmd.y
@@ -182,7 +182,7 @@ struct tab sitetab[];
%type <num> NUMBER
%type <num> form_code prot_code struct_code mode_code octal_number
-%type <num> check_login byte_size
+%type <num> check_login byte_size nonguest
%type <str> STRING
%type <str> password pathname username pathstring
@@ -441,14 +441,14 @@ cmd: USER SP username CRLF
= {
reply(200, "NOOP command successful.");
}
- | MKD check_login SP pathname CRLF
+ | MKD nonguest SP pathname CRLF
= {
if ($2 && $4 != NULL)
makedir((char *) $4);
if ($4 != NULL)
free((char *) $4);
}
- | RMD check_login SP pathname CRLF
+ | RMD nonguest SP pathname CRLF
= {
if ($2 && $4 != NULL)
removedir((char *) $4);
@@ -483,7 +483,7 @@ cmd: USER SP username CRLF
reply(200, "Current UMASK is %03o", oldmask);
}
}
- | SITE SP UMASK check_login SP octal_number CRLF
+ | SITE SP UMASK nonguest SP octal_number CRLF
= {
int oldmask;
@@ -498,7 +498,7 @@ cmd: USER SP username CRLF
}
}
}
- | SITE SP CHMOD check_login SP octal_number SP pathname CRLF
+ | SITE SP CHMOD nonguest SP octal_number SP pathname CRLF
= {
if ($4 && ($8 != NULL)) {
if ($6 > 0777)
@@ -828,6 +828,16 @@ check_login: /* empty */
}
;
+nonguest: check_login
+ = {
+ if (guest) {
+ reply(550, "Operation prohibited for anonymous users.");
+ $$ = 0;
+ }
+ else
+ $$ = 1;
+ }
+ ;
%%
struct tab cmdtab[] = { /* In order defined in RFC 765 */
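Review bot: In the new `nonguest` production the `else` branch sets `$$ = 1` without consulting `$1`, so whatever `check_login` returned is discarded. The body of `check_login` starts outside this hunk, but the `$2 &&` and `$4 &&` guards in the MKD, RMD, SITE UMASK and SITE CHMOD rules suggest it yields 0 for a session that has not logged in; if `guest` is also 0 in that state, those rules would now see a true value and run `makedir`, `removedir` and the umask/chmod actions for a client that never authenticated. Propagating the inner result closes that gap: `else $$ = $1;`. A one-line comment above the production, such as `/* implies check_login; additionally rejects anonymous (guest) sessions */`, would make the intended layering explicit for the next rule that adopts it.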