Great Circle Associates Firewalls
(February 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Running ftpd in a chrooted environment
From: mjr @ tis . com
Date: Tue, 1 Feb 94 12:54:44 EST
To: firewalls @ GreatCircle . COM, john . lines @ aea . orgn . uk

>We would like to be able to run ftpd in a chrooted environment, but initial
>attempts have not succeeded.
>
>Is anyone running ftpd in a chrooted environment, and if so:
>
>Did you have to modify the daemon ?
>If so what mods did you make ?

	You could write a program like:


#define	FTPDIR "/usr/spool/ftp"
#define	FTPEXEC "/bin/ftpd"

main()
{
	if(chdir(FTPDIR)) {
		perror(FTPDIR);
		exit(1);
	}
	if(chroot(FTPDIR)) {
		perror(FTPDIR);
		exit(1);
	}
	execl(FTPEXEC,"ftpd","-l",(char *)0);
	perror(FTPEXEC);
}


	And put that in inetd.conf to be invoked instead of ftpd. Then
make sure ftpd (statically linked, of course) is in ~ftp/bin/ftpd, along
with "ls" and the rest of the ftp environment. On systems with dynamic
linking and whatnot it may require some fiddling. I also link my ftpd
against a version of the syslog() code [part of the toolkit] that uses
UDP messages instead of writing to the bound UNIX domain socket.

mjr.

Indexed By Date Previous: Running ftpd in a chrooted environment
From: john . lines @ aea . orgn . uk (John Lines)
Next: Re: Secure Batch ftp
From: alastair @ cadence . com (Alastair Young)
Indexed By Thread Previous: Running ftpd in a chrooted environment
From: john . lines @ aea . orgn . uk (John Lines)
Next: Re: Secure Batch ftp
From: alastair @ cadence . com (Alastair Young)

Google
 
Search Internet Search www.greatcircle.com