- don't allow to read non-root config files (#145548)

2005-02-08 07:52:54 +00:00 · 2005-02-08 07:52:54 +00:00 · cceb2ea895
commit cceb2ea895
parent 78ec8a7d82
2 changed files with 68 additions and 1 deletions
--- a/vsftpd-1.2.1-nonrootconf.patch
+++ b/vsftpd-1.2.1-nonrootconf.patch
@ -0,0 +1,62 @@
+--- vsftpd-2.0.1/twoprocess.c.nonrootconf	2004-07-02 18:47:51.000000000 +0200
+++ vsftpd-2.0.1/twoprocess.c	2005-02-08 09:37:26.641905544 +0100
+@@ -416,12 +416,16 @@
+   str_append_char(&filename_str, '/');
+   str_append_str(&filename_str, p_user_str);
+   retval = str_stat(&filename_str, &p_statbuf);
+-  /* Security - ignore unless owned by root */
+  /* Security - die unless owned by root */
+   if (!vsf_sysutil_retval_is_error(retval) &&
+       vsf_sysutil_statbuf_get_uid(p_statbuf) == VSFTP_ROOT_UID)
+   {
+     vsf_parseconf_load_file(str_getbuf(&filename_str), 1);
+   }
+  else
+  {
+    die("reading non-root config file"); 
+  }
+   str_free(&filename_str);
+   vsf_sysutil_free(p_statbuf);
+ }
+--- vsftpd-2.0.1/parseconf.c.nonrootconf	2004-07-02 13:23:56.000000000 +0200
+++ vsftpd-2.0.1/parseconf.c	2005-02-08 09:37:26.642905392 +0100
+@@ -15,6 +15,7 @@
+ #include "defs.h"
+ #include "sysutil.h"
+ #include "utility.h"
+#include "sysstr.h"
+ 
+ static const char* s_p_saved_filename;
+ static int s_strings_copied;
+@@ -167,6 +168,8 @@
+   struct mystr config_file_str = INIT_MYSTR;
+   struct mystr config_setting_str = INIT_MYSTR;
+   struct mystr config_value_str = INIT_MYSTR;
+  struct vsf_sysutil_statbuf* p_statbuf = 0;
+  
+   unsigned int str_pos = 0;
+   int retval;
+   if (!p_filename)
+@@ -195,7 +198,9 @@
+     copy_string_settings();
+   }
+   retval = str_fileread(&config_file_str, p_filename, VSFTP_CONF_FILE_MAX);
+-  if (vsf_sysutil_retval_is_error(retval))
+  (int)str_stat(&config_file_str, &p_statbuf);
+  /* Security - die unless the conf file is owned by root */ 
+  if (vsf_sysutil_retval_is_error(retval) || vsf_sysutil_statbuf_get_uid(p_statbuf) != VSFTP_ROOT_UID)
+   {
+     if (errs_fatal)
+     {
+--- vsftpd-2.0.1/vsftpd.8.nonrootconf	2005-02-08 09:37:26.000000000 +0100
+++ vsftpd-2.0.1/vsftpd.8	2005-02-08 09:44:21.173887104 +0100
+@@ -28,7 +28,8 @@
+ .Sh OPTIONS
+ An optional
+ .Op configuration file
+-may be given on the command line.  The default configuration file is
+may be given on the command line. This configuration files has to be owned by
+root. The default configuration file is
+ .Pa /etc/vsftpd/vsftpd.conf .
+ .Sh SEE ALSO
+ .Xr vsftpd.conf 5
--- a/vsftpd.spec
+++ b/vsftpd.spec
@ -3,7 +3,7 @@
 Summary: vsftpd - Very Secure Ftp Daemon
 Name: vsftpd
 Version: 2.0.1
-Release: 8
+Release: 9
 License: GPL
 Group: System Environment/Daemons
 URL: http://vsftpd.beasts.org/
@ -24,6 +24,7 @@ Patch7: vsftpd-2.0.1-build_ssl.patch
 Patch8: vsftpd-2.0.1-server_args.patch
 Patch9: vsftpd-2.0.1-dir.patch
 Patch10: vsftpd-2.0.1-use_localtime.patch
+Patch11: vsftpd-1.2.1-nonrootconf.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 %if %{tcp_wrappers}
 BuildPrereq: tcp_wrappers
@ -60,6 +61,7 @@ cp %{SOURCE1} .
 %patch8 -p1 -b .server_args
 %patch9 -p1 -b .dir
 %patch10 -p1 -b .use_localtime
+%patch11 -p1 -b .nonrootconf

 %build
 %ifarch s390x
@ -118,6 +120,9 @@ fi
 /var/ftp

 %changelog
+* Mon Feb 07 2005 Radek Vokal <rvokal@redhat.com> 2.0.1-9
+- don't allow to read non-root config files (#145548)
+
 * Mon Jan 10 2005 Radek Vokal <rvokal@redhat.com> 2.0.1-8
 - use localtime also in logs (#143687)