[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Configuring ftpd for upload: second phase with chflags

To: Saād KADHI <Saad.KADHI@neurocom.com>
Subject: Re: Configuring ftpd for upload: second phase with chflags
From: Marco S Hyman <marc@snafu.org>
Date: Fri, 01 Sep 2000 10:36:40 -0700
Cc: OpenBSD Misc <misc@openbsd.org>

 > configuring ftpd for upload) & the answers I've got, I used chflags with
 > uappnd for the /upload directory:
 > An ls -lo looks like this:
 > dr-xr-xr-x  3  root   ftp   -   512  Sep  1 12:12  pub
 > dr-x------   2  root   ftp   -   512   Sep   1  18:34 reserved
 > drwxrwxrwx   3   root   ftp   uappnd   512   Sep   1   18:41   upload
 > 
 > Even if the perms are 777 on the upload dir, users (including root) can

I think you're leaving yourself open to be used as an ftp file drop.
Random user can make directories and add files to the directories.
Other random users can read the directories.  Example:

	$ mkdir xxx
	$ chflags uappnd xxx
	$ mkdir xxx/yyy
	$ echo this is a test > xxx/yyy/zzz
	$ cat xxx/yyy/zzz
	this is a test
	$ rm xxx/yyy/zzz

// marc

Follow-Ups:
- Re: Configuring ftpd for upload: second phase with chflags
  - From: Saād KADHI <Saad.KADHI@neurocom.com>
- Re: Configuring ftpd for upload: second phase with chflags
  - From: Dean Bullock <dcb@dolby.com>

References:
- Configuring ftpd for upload: second phase with chflags
  - From: Saād KADHI <Saad.KADHI@neurocom.com>

Prev by Date: Next question....more
Next by Date: Re: Next Question Star Office
Prev by thread: Configuring ftpd for upload: second phase with chflags
Next by thread: Re: Configuring ftpd for upload: second phase with chflags
Index(es):
- Date
- Thread