Ticket #1902: Possible security risk in mcserv.c

Look at mcserv.c near 1019
The chroot() call's return value isn't handled - this may be a security risk.

Signed-off-by: Slava Zanko <slavazanko@gmail.com>
Pavel Vasilyev 2010-01-12 17:36:01 +02:00 committed by Slava Zanko
parent f5da410a87
commit b3ea5f8ceb


@ -56,6 +56,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <error.h>
#include <errno.h>
#include <signal.h>
#ifdef HAVE_GETOPT_H
@ -1015,8 +1016,14 @@ do_auth (const char *username, const char *password)
if (getuid () != this->pw_uid)
return 0;
if (strcmp (username, "ftp") == 0)
chroot (this->pw_dir);
if (strncmp(username, "ftp", 3) == 0) {
errno = 0;
if (chroot(this->pw_dir) != 0 || errno != 0) {
auth = errno;
error(0, errno, strerror(errno));
return (-auth);
}
}
endpwent ();
return auth;
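Review bot: The new failure path `return (-auth);` hands back a non-zero value, while the rejection just above it uses `return 0`; if callers treat any non-zero result as a successful login (the call sites are outside this hunk), a failed chroot() would let the session continue unconfined, and the early return also skips `endpwent ()`. Switching `strcmp` to `strncmp (username, "ftp", 3)` makes every account name that merely starts with "ftp" take this branch, which the ticket does not ask for. `error (0, errno, strerror (errno))` passes a non-literal string as the format and prints the errno text twice, since error() already appends it, and the `errno != 0` test is unreliable because errno is only meaningful when chroot() returns -1. No chdir() is visible after the chroot(), and chroot() does not change the working directory, so the sketch below adds one; do_auth starts and ends outside the hunk.

```c
/* … unchanged: getuid () check … */
if (strcmp (username, "ftp") == 0) {
    /* Fail closed: a jail that could not be entered must reject the login. */
    if (chroot (this->pw_dir) != 0 || chdir ("/") != 0) {
        error (0, errno, "chroot to %s failed", this->pw_dir);
        endpwent ();
        return 0;
    }
}
/* … unchanged: endpwent (); return auth; … */
```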