diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2000-06-17 19:42:19 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2000-06-17 19:42:19 +0000 |
| commit | f84e735ae2aa8516c20af6c27a7808cdd02506d9 (patch) | |
| tree | 7aa6b8f0a8bc25b692b403092587e3aa668033f7 /libexec/ftpd | |
| parent | 85bebac90d2ba7f1a6e1e942739c9ea0a467b69e (diff) | |
pr 772; -u blocks chmod command, michaels@inet.no
Diffstat (limited to 'libexec/ftpd')
| -rw-r--r-- | libexec/ftpd/ftpcmd.y | 23 | ||||
| -rw-r--r-- | libexec/ftpd/ftpd.8 | 5 | ||||
| -rw-r--r-- | libexec/ftpd/ftpd.c | 4 |
3 files changed, 23 insertions, 9 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y index 4a03e78d77b..b62fce04d2c 100644 --- a/libexec/ftpd/ftpcmd.y +++ b/libexec/ftpd/ftpcmd.y @@ -1,4 +1,4 @@ -/* $OpenBSD: ftpcmd.y,v 1.20 2000/04/29 14:03:02 deraadt Exp $ */ +/* $OpenBSD: ftpcmd.y,v 1.21 2000/06/17 19:42:18 deraadt Exp $ */ /* $NetBSD: ftpcmd.y,v 1.7 1996/04/08 19:03:11 jtc Exp $ */ /* @@ -47,7 +47,7 @@ #if 0 static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94"; #else -static char rcsid[] = "$OpenBSD: ftpcmd.y,v 1.20 2000/04/29 14:03:02 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: ftpcmd.y,v 1.21 2000/06/17 19:42:18 deraadt Exp $"; #endif #endif /* not lint */ @@ -93,6 +93,7 @@ extern int transflag; extern char tmpline[]; extern int portcheck; extern union sockunion his_addr; +extern int umaskchange; off_t restart_point; @@ -609,6 +610,9 @@ cmd if ($4) { if (($6 == -1) || ($6 > 0777)) { reply(501, "Bad UMASK value"); + } else if (!umaskchange) { + reply(550, + "No permission to change umask."); } else { oldmask = umask($6); reply(200, @@ -622,11 +626,17 @@ cmd if ($4 && ($8 != NULL)) { if ($6 > 0777) reply(501, - "CHMOD: Mode value must be between 0 and 0777"); + "CHMOD: Mode value must be between " + "0 and 0777"); + else if (!umaskchange) + reply(550, + "No permission to change mode of %s.", + $8); else if (chmod($8, $6) < 0) perror_reply(550, $8); else - reply(200, "CHMOD command successful."); + reply(200, + "CHMOD command successful."); } if ($8 != NULL) free($8); @@ -643,13 +653,14 @@ cmd if ($3) { if ($6 < 30 || $6 > maxtimeout) { reply(501, - "Maximum IDLE time must be between 30 and %d seconds", + "Maximum IDLE time must be between " + "30 and %d seconds", maxtimeout); } else { timeout = $6; (void) alarm((unsigned) timeout); reply(200, - "Maximum IDLE time set to %d seconds", + "Maximum IDLE time set to %d seconds", timeout); } } diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8 index 6ebb853ccc9..e0ccbc5e845 100644 --- a/libexec/ftpd/ftpd.8 +++ b/libexec/ftpd/ftpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ftpd.8,v 1.29 2000/04/15 11:46:05 aaron Exp $ +.\" $OpenBSD: ftpd.8,v 1.30 2000/06/17 19:42:18 deraadt Exp $ .\" $NetBSD: ftpd.8,v 1.8 1996/01/14 20:55:23 thorpej Exp $ .\" .\" Copyright (c) 1985, 1988, 1991, 1993 @@ -140,8 +140,9 @@ The inactivity timeout period is set to .Ar timeout seconds (the default is 15 minutes). .It Fl u Ar mask -Change the default umask from 027 to +Force the umask to .Ar mask . +instead of the default 027. Also disallows chmod. .El .Pp The file diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index e76821a4da5..52ef5d1d12d 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ftpd.c,v 1.73 2000/06/14 15:15:06 itojun Exp $ */ +/* $OpenBSD: ftpd.c,v 1.74 2000/06/17 19:42:18 deraadt Exp $ */ /* $NetBSD: ftpd.c,v 1.15 1995/06/03 22:46:47 mycroft Exp $ */ /* @@ -180,6 +180,7 @@ off_t byte_count; #define CMASK 027 #endif int defumask = CMASK; /* default umask value */ +int umaskchange = 1; /* allow user to change umask value. */ char tmpline[7]; char hostname[MAXHOSTNAMELEN]; char remotehost[MAXHOSTNAMELEN]; @@ -347,6 +348,7 @@ main(argc, argv, envp) { long val = 0; char *p; + umaskchange = 0; val = strtol(optarg, &p, 8); if (*p != '\0' || val < 0 || (val & ~ACCESSPERMS)) { |