Bug 15351

Summary: Normal users can overwrite important system files via ftp.
Product: Base System
Reporter: greyleaf <greyleaf>
Component: misc
Assignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description greyleaf 1999-12-08 05:50:01 UTC
It is possible, as a normal user, to use the ftp client to overwrite
system files with modes of 0664 and group wheel (such as log files in
/var/log). This is true for at least the stock ftp distributed with the
3.2 release.

How-To-Repeat: As a normal user, ftp to another UNIX machine that includes, say,
/var/log/messages. Do a bin and then a get /var/log/messages. At the
end of the download, there will be a message stating that the
modification time of the file couldn't be changed; however, the old
file is overwritten. In all cases the ftp was initiated from the
user's home directory.
Comment 1 Sheldon Hearn 1999-12-08 14:03:49 UTC
On Tue, 07 Dec 1999 21:49:45 PST, greyleaf@home.net wrote:

> It is possible, as a normal user, to use the ftp client to overwrite
> system files with modes of 0664 and group wheel (such as log files in
> /var/log). This is true for at least the stock ftp distributed with the
> 3.2 release.

I think you're mistaken.  I think that users who are a part of group
wheel can do this, and that's expected behaviour.  Before you do your
test as a "normal user", type
	
	id

at the command prompt.  Is this normal user part of group wheel?  If so,
everything's working as it should. :-)

Ciao,
Sheldon.
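The permission rule Sheldon describes, written out as a small POSIX sh check, plus an audit that lists which files in a directory are writable by a given group. This is an added example, not part of the bug report or of FreeBSD; the function names and the sample user/group values are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the bug report): apply the standard Unix
# permission rule to a file's octal mode and a user's group list.
# The point from Comment 1: a file that is 0664 and group wheel is
# writable by every member of wheel, which is expected behaviour.

# can_write MODE OWNER GROUP USER "GROUPS..." -> exit 0 if USER may write
can_write() {
    mode=$1; owner=$2; group=$3; user=$4; groups=$5
    # keep only the last three octal digits (drop setuid/setgid/sticky)
    perm=$(printf '%s' "$mode" | sed 's/.*\(...\)$/\1/')
    u=$(printf '%s' "$perm" | cut -c1)
    g=$(printf '%s' "$perm" | cut -c2)
    o=$(printf '%s' "$perm" | cut -c3)
    if [ "$user" = "$owner" ]; then
        bit=$u                      # owner bits apply, even if group bits are wider
    else
        bit=$o                      # default to "other" bits ...
        for grp in $groups; do      # ... unless the user is in the file's group
            [ "$grp" = "$group" ] && bit=$g && break
        done
    fi
    [ $((bit & 2)) -ne 0 ]          # write permission is the 2 bit of the digit
}

# audit_group_writable DIR GROUP -> regular files under DIR owned by GROUP
# with the group write bit set (the 0664-and-wheel case from the report)
audit_group_writable() {
    find "$1" -type f -group "$2" -perm -g+w 2>/dev/null
}

# Stand-alone demo: is the current user able to write a 0664 root:wheel file?
if can_write 0664 root wheel "$(id -un)" "$(id -Gn)"; then
    echo "$(id -un) is in wheel: a 0664 root:wheel file is writable (expected)"
else
    echo "$(id -un) is not in wheel: a 0664 root:wheel file is not writable"
fi
```

Run `audit_group_writable /var/log wheel` on a host to see which log files any wheel member can already overwrite, ftp or no ftp.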
Comment 2 Sheldon Hearn freebsd_committer freebsd_triage 1999-12-08 14:03:57 UTC
State Changed
From-To: open->feedback

Suspected pilot error, waiting for confirmation from pilot. :-) 

Comment 3 Sheldon Hearn freebsd_committer freebsd_triage 1999-12-09 07:31:41 UTC
State Changed
From-To: feedback->closed

Confirmed pilot error. :-)