Bugtraq mailing list archives

Re: Multiple vendors FTP denial of service


From: Nate Eldredge <neldredge () HMC EDU>
Date: Wed, 21 Mar 2001 12:56:56 -0800

Stefan Laudat writes:
Hi Aleph,
Please add this to the 'quick fix collection'. Thanks.

ftp> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
disable globbing symbols with: DenyFilter "[\*\?]" ?

... and as a quick fix for nasty shell users having bash prompts on
your machine, just enter 'set -f' in the /etc/profile. Of course,
until we get a fixed bash or a fixed libc(?).

This would be an enormous pain for your users, and furthermore won't
help.  If they have a shell, they can simply do `set +f', or run a
different shell without such restrictions, or they can even run any
other program to suck up tons of memory (`for(;;) malloc(1024);').  To
prevent every possible case of this, and have some actual (rather than
illusory) security, man ulimit.

There is no bug in bash or in libc; it's a feature.  I wouldn't want a
system that put arbitrary limits on globbing.

--

Nate Eldredge
neldredge () hmc edu
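As an added illustration of the `ulimit` advice above (this is not part of the original message and not Nate's code), the following Python snippet uses the `resource` module, which wraps the same setrlimit(2) call that a shell's `ulimit -v` makes. It forks a child, caps the child's virtual address space with RLIMIT_AS, and then has the child attempt the kind of runaway allocation the reply describes. The limit and allocation sizes are arbitrary constructed values; the point is that an address-space cap is enforced by the kernel for every program the user runs, not only for a shell that happens to honour `set -f`.

```python
import os
import resource

MiB = 1024 * 1024


def run_with_address_space_limit(limit_bytes, alloc_bytes):
    """Fork a child, cap its virtual address space (the setrlimit(2) call
    behind `ulimit -v`), and have it try to allocate alloc_bytes.

    Returns the child's exit status:
      0 -> the allocation succeeded under the limit
      2 -> the kernel refused the mapping and Python raised MemoryError
      3 -> some other error (reported so a test can tell it apart)
    A limit of None leaves the inherited limits untouched.
    """
    pid = os.fork()
    if pid == 0:
        # Child process. Lowering a soft/hard limit needs no privilege;
        # only raising the hard limit again would, which is exactly why an
        # unprivileged user cannot simply undo it the way they undo `set -f`.
        try:
            if limit_bytes is not None:
                resource.setrlimit(resource.RLIMIT_AS, (limit_bytes, limit_bytes))
            buf = bytearray(alloc_bytes)  # one large allocation, like a malloc loop
            buf[-1] = 1                   # touch the end so the mapping is really used
            os._exit(0)
        except MemoryError:
            os._exit(2)
        except Exception:
            os._exit(3)
    # Parent: collect the child's exit status.
    _, status = os.waitpid(pid, 0)
    return os.WEXITSTATUS(status) if os.WIFEXITED(status) else 3


if __name__ == "__main__":
    # Constructed demo values: a 256 MiB address-space cap versus a 1 GiB grab.
    capped = run_with_address_space_limit(256 * MiB, 1024 * MiB)
    small = run_with_address_space_limit(256 * MiB, 8 * MiB)
    print("1 GiB under 256 MiB cap:", "refused" if capped == 2 else "allowed")
    print("8 MiB under 256 MiB cap:", "allowed" if small == 0 else "refused")
```

In a real deployment the equivalent of the cap above is set once for the login session, for example through the shell's `ulimit` in a system-wide profile or through the PAM limits mechanism, so that it applies to every process the user starts rather than only to glob expansion in one particular shell.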
