[H-GEN] I can't login - HELP!

[Ben Carlyle]

[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics.  Please observe the list's charter.          ]

> Byron Ellacott wrote:
> > I would be very surprised if any reasonably modern FTP server would not do
> > a setuid(user_uid) as soon as it knows what user it should be running at
> > -- this way, it does not have to check the permissions of files itself.
> > Fork, get username/password, setuid, proceed.  Same for any suid program.
> > Drop the root privelidges ASAP.

Martin Pool wrote:
> This is not always possible: the child task may have to bind to
> privileged ports, and it couldn't do that if it has given away all its
> permissions.  (I may be wrong, I can't seem to remember exactly why.)
> Therefore we have setfsuid, seteuid and so on.

According to Stevens, a daemon should bind to priveleged ports
before performing the setuid.  Once the ports are open, which is
a priveleged operation, a process can setuid to the appropriate
user.

Priveleged ports are those numbered less than 1024, and can only
be opened by a root-owned process.  Other ports can be opened by
any process in a UNIX environment.  The FTP protocol uses several
ports during a connection duration, but only one is usually
priveledged.  Port 21 (or whichever is chosen for the server), is
opened by the server as root before authentication.  After the
appropriate uid is known an a setuid is made, connections for
actual file transfer are made in the non-priveleged range (>=1024).

By opening appropriate ports before performing a setuid, most
servers can operate safely as an innane user despite having
to be started as root.


Benjamin.

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.