On 31-3-2015 11:49, Slawa Olhovchenkov wrote:
> On Tue, Mar 31, 2015 at 11:34:21AM +0200, Willem Jan Withagen wrote:
>
>> On 31-3-2015 10:44, Slawa Olhovchenkov wrote:
>>> On Tue, Mar 31, 2015 at 10:09:00AM +0200, Willem Jan Withagen wrote:
>>>
>>>> On 31-3-2015 05:44, Slawa Olhovchenkov wrote:
>>>>> On Mon, Mar 30, 2015 at 08:08:49PM -0400, Lowell Gilbert wrote:
>>>>>
>>>>>> Slawa Olhovchenkov <slw at zxy.spb.ru> writes:
>>>>>>
>>>>>>> ftpd from FreeBSD-10 and up doesn't record ftp logins to the utmpx database
>>>>>>> (for the case of a chrooted login).
>>>>>>> This is a lack of security information.
>>>>>>> I found this is done by r202209 and r202604.
>>>>>>> I can't understand the reason for this.
>>>>>>> Can somebody explain?
>>>>>>
>>>>>> Having a jail log into the base system is a security issue in the
>>>>>> making. Can't you do this in a safer way by doing remote logging to the
>>>>>> base system rather than having the jail hold on to a file handle that
>>>>>> belongs outside the jail?
>>>>>
>>>>> Jail? Why do you talk about jail?
>>>>>
>>>>>> It's certainly possible to maintain these kinds of capabilities, but
>>>>>> you would have to convince code reviewers that the same results can't be
>>>>>> achieved some other way that's easier to secure.
>>>>
>>>> I might have just too many miles on the clock already....
>>>>
>>>> It used to be like this: to be able to do anything useful in a chroot,
>>>> you'd rebuild those parts of the system tree that you need under the
>>>> chrootdir.
>>>> E.g. including ls(1) and all the libs it needed to function in ftpd.
>>>> Same for Apaches that ran chrooted, you'd carry/duplicate all you needed
>>>> into the chroot env.
>>>>
>>>> So in this case you probably need
>>>> ${CHROOTDIR}/var/log
>>>> and create the database there.
>>>
>>> I have many ftp accounts that need to be isolated by ftp.
>>> I need a united database about login and logout.
>>> FreeBSD 1.x-9.x do this.
>>> Why was this removed in 10.x?
>>
>> Slawa,
>>
>> I can't tell you that, but it is in r202209. And you can ask the one
>> that removed it (ed@). :)
>> Like r202209 says 5 years ago:
>> Maybe we can address this in the future if it turns out to be a
>> real issue.
>
> What about issue talk?
> An opened file outside the chroot? /dev/null and /var/run/logpriv are still opened.
> Disabling logging for chrooted accounts? Really?!
Read the submit message!? The reason is there, nothing to do with security as
I read it, but it just did not fit into the way the new lib for wtmp
worked/works.
Clearly you do not agree, but you are rather late to the party.
Could be that in the meantime code has been added to wtmp, and now you
can do it from inside a chroot? Perhaps ask ed@ or on hackers@??
>> Hasn't been an issue up till now, it seems.
>>
>> But then there are many flavours of FTP server out there ATM, so
>> freely quoted from Andy Tanenbaum:
>> If you don't like this version, get another one.
>
> Now I only see removing old and working functionality w/o reasonable
Well, that is only in your eyes. wtmp moved (on) to a different way of
storing the data. At that point in time nobody had a problem with that.
And in 5 years you are the first one to be vocal about it.
>> Or write a script that actually unites the output from either the
>> database and/or last(8).
>
> You're kidding.
> For this I need to rearrange ALL ftp accounts. Change permissions. Create
> a hierarchy. Teach users.
Well, perhaps one of the other flavours of FTPDs suits your needs better.
--WjW