Bugtraq mailing list archives
Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)
From: casper () Holland Sun COM (Casper Dik)
Date: Thu, 13 Jul 1995 10:18:29 +0200
Am I correct in stating that this problem only occurs on SVR4 based unix's [where /proc exists]? Or would, say, SunOS 4.1.x be affected?
It does not occur on SVR4 based Unixes. It occurs only on Linux /pro implementation. The SVR4 /proc implemntations only have one file for each process in /proc. You're not allowed to access that file unless you're root or your privs are a superset of that process' privs. Since ftpd runs with a real-uid of root, you cannot access the /proc entry of your own ftpd. Casper
Current thread:
- Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Dan Thorson (Jul 12)
- Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Casper Dik (Jul 13)
- Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Jeremy Fitzhardinge (Jul 13)
- Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Casper Dik (Jul 13)
- NT sniper bug? Brian Court (Jul 14)
- Re: NT sniper bug? Firewall Mailing Lists Account (Jul 15)
- Re: NT sniper bug? Forrest Aldrich (Jul 16)
- Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Jas (Jul 13)
- Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Scott Barman (Jul 13)
- <Possible follow-ups>
- Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Joerg Czeranski (Jul 13)