d85f3bb159
prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup |
||
---|---|---|
bin | ||
crypto | ||
dist | ||
distrib | ||
etc | ||
games | ||
gnu | ||
include | ||
lib | ||
libexec | ||
regress | ||
sbin | ||
share | ||
sys | ||
usr.bin | ||
usr.sbin | ||
Makefile | ||
Makefile.inc |