From fenner@parc.xerox.com  Tue Sep 15 18:48:25 1998
Received: from alpha.xerox.com (omega.Xerox.COM [13.1.64.95])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id SAA02236
          for <FreeBSD-gnats-submit@freebsd.org>; Tue, 15 Sep 1998 18:48:17 -0700 (PDT)
          (envelope-from fenner@parc.xerox.com)
Received: from mango.parc.xerox.com ([13.1.102.232]) by alpha.xerox.com with SMTP id <40642(1)>; Tue, 15 Sep 1998 18:47:44 PDT
Received: (from fenner@localhost)
	by mango.parc.xerox.com (8.8.8/8.8.8) id SAA00908;
	Tue, 15 Sep 1998 18:47:37 -0700 (PDT)
	(envelope-from fenner)
Message-Id: <199809160147.SAA00908@mango.parc.xerox.com>
Date: Tue, 15 Sep 1998 18:47:37 PDT
From: Bill Fenner <fenner@parc.xerox.com>
Reply-To: fenner@parc.xerox.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: ftpd: ~ is ~root!
X-Send-Pr-Version: 3.2

>Number:         7943
>Category:       bin
>Synopsis:       ftpd: ~ is ~root!
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    des
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep 15 18:50:00 PDT 1998
>Closed-Date:    Tue Jun 8 04:46:12 PDT 1999
>Last-Modified:  Tue Jun  8 04:47:13 PDT 1999
>Originator:     Bill Fenner
>Release:        FreeBSD 2.2.6-RELEASE i386
>Organization:
Xerox
>Environment:

	
FreeBSD 2.2.6

>Description:

	
ftpd makes sure to set $HOME in the environment so that glob() can glob ~
correctly.  However, glob() ignores the environment if issetugid(), and
ftpd setuid()'s to the user so issetugid() is true.

>How-To-Repeat:

	
ftp freebsd-machine
log in
cd /
cd ~
pwd


>Fix:
	
	
have ftpd setlogin(), so that the other method of globbing ~ works.
inetd has already done setsid(), so asking setusercontext() to setlogin()
is safe (I think!).

--- /usr/src/libexec/ftpd/ftpd.c	Wed Dec 24 11:13:47 1997
+++ ftpd.c	Tue Sep 15 18:47:06 1998
@@ -988,7 +988,8 @@
 		}
 	}
 	setusercontext(lc, pw, (uid_t)0,
-	LOGIN_SETGROUP|LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK);
+		LOGIN_SETLOGIN|LOGIN_SETGROUP|LOGIN_SETPRIORITY|
+		LOGIN_SETRESOURCES|LOGIN_SETUMASK);
 #else
 	(void) initgroups(pw->pw_name, pw->pw_gid);
 #endif
@@ -1037,12 +1038,6 @@
 		reply(550, "Can't set uid.");
 		goto bad;
 	}
-
-	/*
-	 * Set home directory so that use of ~ (tilde) works correctly.
-	 */
-	if (getcwd(homedir, MAXPATHLEN) != NULL)
-		setenv("HOME", homedir, 1);
 
 	/*
 	 * Display a login message, if it exists.
>Release-Note:
>Audit-Trail:

From: Bill Fenner <fenner@FreeBSD.ORG>
To: freebsd-gnats-submit@FreeBSD.org
Cc:  Subject: Re: bin/7943: ftpd: ~ is ~root!
Date: Tue, 15 Sep 1998 23:10:25 -0700 (PDT)

 There should probably be a
 
 	setlogin(pw->pw_name);
 
 right before the initgroups() in the non-LOGIN_CAP case.
 
   Bill
State-Changed-From-To: open->feedback 
State-Changed-By: des 
State-Changed-When: Tue Oct 13 13:42:45 PDT 1998 
State-Changed-Why:  
Fixed in revision 1.52 of src/libexec/ftpd/ftpd.c 


Responsible-Changed-From-To: freebsd-bugs->des 
Responsible-Changed-By: des 
Responsible-Changed-When: Tue Oct 13 13:42:45 PDT 1998 
Responsible-Changed-Why:  
So I remember to MFC 
State-Changed-From-To: feedback->closed 
State-Changed-By: des 
State-Changed-When: Tue Jun 8 04:46:12 PDT 1999 
State-Changed-Why:  
2.2 is dead. 
>Unformatted:
