search for: arc304

Displaying 1 result from an estimated 1 matches for "arc304".

Did you mean: ar9300
2003 Aug 16
0
sftp-server (secure) chroot patch?
...to be done in the src of sftp-server.c I found three patches that does it: http://www.alt219.com/software/sftp-server-chroot/ http://www.coding-zone.com/chroot+sftp-server.patch http://groups.google.com/groups?hl=sv&lr=&ie=UTF-8&oe=UTF-8&frame=right&th=45c783aa0a25801a&seekm=arc304%241v5l%241%40FreeBSD.csie.NCTU.edu.tw#link1 Problem one seems to be that setuid(getuid()); is reversable. Also better sanity checking before chroot is required. I have written a patch that (probably) is more secure than the ones I found. It uses uidswap functions to change uid & gid. Someo...