[15496] in bugtraq
Re: ftpd: the advisory version
daemon@ATHENA.MIT.EDU (Jim Knoble)
Tue Jun 27 16:41:30 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000626154822.C5738@ntrnet.net>
Date: Mon, 26 Jun 2000 15:48:22 -0400
Reply-To: Jim Knoble <jmknoble@jmknoble.cx>
From: Jim Knoble <jmknoble@PINT-STOWP.CX>
X-To: Lamagra Argamal <lamagra@HACKERMAIL.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000624091756.28153.qmail@fiver.freemessage.com>; from Lamagra
Argamal on Sat, Jun 24, 2000 at 09:17:56AM -0000
Circa 2000-Jun-24 09:17:56 -0000 schrieb Lamagra Argamal:
: Last thing, I've been thinking about the general ftp protocol and there
: is only 1 reason why it should run as root after authentication. Namely
: to bind the dataconnection to port <ftpport - 1> (mostly 20). And we
: all know high ports require root priviledges for binding. Couldn't you
: change it to bind to the port at startup. This would require some other
: changes to prevent DoS etc But it should be possible, after that the
: daemon can just drop all priviledges after authentication. Giving an
: attacker nothing.
D.J. Bernstein's 'publicfile' anonymous FTP server + HTTP server does
exactly this, as well as chrooting to a restricted area. It's here:
http://cr.yp.to/publicfile.html
If all you need is anonymous FTP, it works fine (for user FTP,
consider ssh/scp as a replacement).
--
jim knoble | jmknoble@jmknoble.cx | http://www.jmknoble.cx/
