tbaeder / rpms / vsftpd

Forked from rpms/vsftpd 3 years ago
Clone
Blob Blame History Raw
diff -up vsftpd-2.0.6/parseconf.c.nonrootconf vsftpd-2.0.6/parseconf.c
--- vsftpd-2.0.6/parseconf.c.nonrootconf	2008-02-12 05:53:32.000000000 +0100
+++ vsftpd-2.0.6/parseconf.c	2008-07-01 12:28:12.000000000 +0200
@@ -15,6 +15,7 @@
 #include "defs.h"
 #include "sysutil.h"
 #include "utility.h"
+#include "sysstr.h"
 
 static const char* s_p_saved_filename;
 static int s_strings_copied;
@@ -182,6 +183,8 @@ vsf_parseconf_load_file(const char* p_fi
   struct mystr config_file_str = INIT_MYSTR;
   struct mystr config_setting_str = INIT_MYSTR;
   struct mystr config_value_str = INIT_MYSTR;
+  struct vsf_sysutil_statbuf* p_statbuf = 0;
+  
   unsigned int str_pos = 0;
   int retval;
   if (!p_filename)
@@ -210,7 +213,9 @@ vsf_parseconf_load_file(const char* p_fi
     copy_string_settings();
   }
   retval = str_fileread(&config_file_str, p_filename, VSFTP_CONF_FILE_MAX);
-  if (vsf_sysutil_retval_is_error(retval))
+  (int)vsf_sysutil_stat(p_filename, &p_statbuf);
+  /* Security - die unless the conf file is owned by root */ 
+  if (vsf_sysutil_retval_is_error(retval) || vsf_sysutil_statbuf_get_uid(p_statbuf) != VSFTP_ROOT_UID)
   {
     if (errs_fatal)
     {
@@ -221,6 +226,7 @@ vsf_parseconf_load_file(const char* p_fi
       return;
     }
   }
+  vsf_sysutil_free(p_statbuf);
   while (str_getline(&config_file_str, &config_setting_str, &str_pos))
   {
     if (str_isempty(&config_setting_str) ||
diff -up vsftpd-2.0.6/twoprocess.c.nonrootconf vsftpd-2.0.6/twoprocess.c
--- vsftpd-2.0.6/twoprocess.c.nonrootconf	2008-02-12 04:18:34.000000000 +0100
+++ vsftpd-2.0.6/twoprocess.c	2008-07-01 12:21:28.000000000 +0200
@@ -423,11 +423,17 @@ handle_per_user_config(const struct myst
   str_append_char(&filename_str, '/');
   str_append_str(&filename_str, p_user_str);
   retval = str_stat(&filename_str, &p_statbuf);
-  /* Security - ignore unless owned by root */
-  if (!vsf_sysutil_retval_is_error(retval) &&
-      vsf_sysutil_statbuf_get_uid(p_statbuf) == VSFTP_ROOT_UID)
+  /* Security - die unless owned by root */
+  if (!vsf_sysutil_retval_is_error(retval))
   {
-    vsf_parseconf_load_file(str_getbuf(&filename_str), 1);
+    if (vsf_sysutil_statbuf_get_uid(p_statbuf) == VSFTP_ROOT_UID)
+    {
+      vsf_parseconf_load_file(str_getbuf(&filename_str), 1);
+    }
+    else
+    {
+      die("reading non-root config file"); 
+    }
   }
   str_free(&filename_str);
   vsf_sysutil_free(p_statbuf);
diff -up vsftpd-2.0.6/vsftpd.8.nonrootconf vsftpd-2.0.6/vsftpd.8
--- vsftpd-2.0.6/vsftpd.8.nonrootconf	2008-07-01 12:21:28.000000000 +0200
+++ vsftpd-2.0.6/vsftpd.8	2008-07-01 12:21:28.000000000 +0200
@@ -28,7 +28,8 @@ binary will then launch the FTP service 
 .Sh OPTIONS
 An optional
 .Op configuration file
-may be given on the command line.  The default configuration file is
+may be given on the command line. This configuration files has to be owned by
+root. The default configuration file is
 .Pa /etc/vsftpd/vsftpd.conf .
 .Sh SEE ALSO
 .Xr vsftpd.conf 5