[4281] in Athena Bugs
ftpd: does chdir before setuid
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Wed Feb 21 15:08:38 1990
Date: Wed, 21 Feb 90 12:09:47 -0500
From: Jonathan I. Kamens <jik@PIT-MANAGER.MIT.EDU>
To: bugs@ATHENA.MIT.EDU
ftpd tries to chdir() to the user's home directory before doing the
setuid() to that users UID. The result of this is that fascist
network filesystem directories (e.g. NFS, AFS) can't be accessed, even
if the user in question has tokens/mappings as himself on the
workstation.
jik
