>We would like to be able to run ftpd in a chrooted environment, but initial
>attempts have not succeeded.
>
>Is anyone running ftpd in a chrooted environment, and if so:
>
>Did you have to modify the daemon?
>If so what mods did you make?
You could write a program like:
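#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define FTPDIR  "/usr/spool/ftp"   /* root of the ftp area (~ftp) */
#define FTPEXEC "/bin/ftpd"        /* path as seen after chroot() */

int main(void)
{
    /* enter the ftp area first so the working directory is inside the new root */
    if (chdir(FTPDIR)) {
        perror(FTPDIR);
        exit(1);
    }
    /* confine the process to FTPDIR; requires root */
    if (chroot(FTPDIR)) {
        perror(FTPDIR);
        exit(1);
    }
    /* FTPEXEC is now resolved relative to the new root */
    execl(FTPEXEC, "ftpd", "-l", (char *)0);
    /* only reached if execl() failed */
    perror(FTPEXEC);
    return 1;
}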
And put that in inetd.conf to be invoked instead of ftpd. Then
make sure ftpd (statically linked, of course) is in ~ftp/bin/ftpd, along
with "ls" and the rest of the ftp environment. On systems with dynamic
linking and whatnot it may require some fiddling. I also link my ftpd
against a version of the syslog() code [part of the toolkit] that uses
UDP messages instead of writing to the bound UNIX domain socket.
mjr.
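
The UDP logging idea from the reply above, as an added example that is not part of the original message and not the toolkit's syslog() code: a daemon inside the chroot cannot open syslogd's UNIX domain socket unless one exists inside the tree, so the message is sent as a datagram instead. The loopback address, port 514 and the function names fmt_syslog/udp_syslog are assumptions.

```c
/* Added example: minimal UDP syslog sender for a chrooted daemon. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <syslog.h>

#define LOGHOST "127.0.0.1"   /* assumption: local syslogd accepts UDP */
#define LOGPORT 514           /* syslog/udp */

/* Build "<PRI>tag[pid]: msg" in buf (timestamp field omitted for brevity).
 * Returns the length, or -1 if the message would not fit. */
int fmt_syslog(char *buf, size_t len, int facility, int severity,
               const char *tag, long pid, const char *msg)
{
    int n = snprintf(buf, len, "<%d>%s[%ld]: %s",
                     facility | severity, tag, pid, msg);
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

/* Send one message as a UDP datagram; needs no file inside the chroot.
 * Returns 0 on success, -1 on error. */
int udp_syslog(int facility, int severity, const char *tag, const char *msg)
{
    char pkt[1024];
    struct sockaddr_in to;
    int s, n, rc;

    n = fmt_syslog(pkt, sizeof pkt, facility, severity, tag,
                   (long)getpid(), msg);
    if (n < 0)
        return -1;
    memset(&to, 0, sizeof to);
    to.sin_family = AF_INET;
    to.sin_port = htons(LOGPORT);
    if (inet_pton(AF_INET, LOGHOST, &to.sin_addr) != 1)
        return -1;
    if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
        return -1;
    rc = sendto(s, pkt, (size_t)n, 0,
                (struct sockaddr *)&to, sizeof to) == n ? 0 : -1;
    close(s);
    return rc;
}
```

UDP delivery is unacknowledged, so a successful return only means the datagram was handed to the kernel; the receiving syslogd must be configured to listen on the port.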