From nobody@FreeBSD.org  Wed Feb 14 17:09:33 2007
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id A3D3816A420
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 14 Feb 2007 17:09:33 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.freebsd.org (Postfix) with ESMTP id 94CAA13C4A7
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 14 Feb 2007 17:09:33 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id l1EH9WUF056339
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 14 Feb 2007 17:09:32 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id l1EH9WQN056338;
	Wed, 14 Feb 2007 17:09:32 GMT
	(envelope-from nobody)
Message-Id: <200702141709.l1EH9WQN056338@www.freebsd.org>
Date: Wed, 14 Feb 2007 17:09:32 GMT
From: Ahsan Khan<ahsank@jahil.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ftpd shows full system files when using FTP with IE7
X-Send-Pr-Version: www-3.0

>Number:         109168
>Category:       misc
>Synopsis:       ftpd shows full system files when using FTP with IE7
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 14 17:10:18 GMT 2007
>Closed-Date:    Wed Feb 14 17:39:02 GMT 2007
>Last-Modified:  Wed Feb 14 17:39:02 GMT 2007
>Originator:     Ahsan Khan
>Release:        4.9-RELEASE FreeBSD 4.9-RELEASE #0
>Organization:
NA
>Environment:
FreeBSD xxxxxxxxx 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Sun Oct 31 11:32:31 EST 2004     root@xxxxxxxx:/usr/src/sys/compile/jahil  i386
>Description:
When using the FTP feature of the IE7 browser, the browser shows a file listing of / and one can then drill down to any other folder, including etc and bin, read any file, and download anything. System security is fully compromised.


>How-To-Repeat:
Install IE7 on XP or Vista and open FTP using /etc/inetd.conf, then simply do the FTP using any account. I have tried accounts with the bash shell and it will show you the root of the file system instead of the user home folder.

These folders are not chrooted, so in theory users can go up one level and get to other folders anyway.
>Fix:
not known yet
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Wed Feb 14 17:38:58 UTC 2007 
State-Changed-Why:  
Yes, thank you for reporting this, but this is default behaviour. IE7 
might be changing to the / by default, which either is your homedir (if 
chrooted) or the real /. In this case the latter. This is not uncommon 
for unchrooted environments and will always be possible with accounts 
that can get outside their homedir. No bug, no PR, closing this ticket 
(Thanks for trying to improve FreeBSD though!) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=109168 
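The closing comment above states the rule that decides what the submitter saw: ftpd starts a login in the real filesystem unless the account is chrooted, so "cd /" from any shell account with a valid shell reaches the real root. The script below is an added example, not code from the PR or from FreeBSD. It audits which local accounts ftpd would serve unchrooted by applying the access rules documented in ftpusers(5), shells(5) and ftpchroot(5) to copies of those files: a login is refused if the user is listed in ftpusers or the shell is not in /etc/shells, it is confined if the user (or one of the user's groups) is listed in ftpchroot or is the anonymous account, and otherwise the real / is reachable. The file contents are constructed sample data; the @group and directory fields follow the ftpchroot(5) syntax of later FreeBSD releases (on 4.9 the file is assumed to hold plain usernames), ftpusers entries are assumed to be plain usernames, and the anonymous account is assumed to be named ftp.

```python
"""Added example: which accounts would FreeBSD ftpd serve unchrooted?

Models ftpd(8) access rules from ftpusers(5), shells(5) and ftpchroot(5).
Not code from the PR or from FreeBSD; sample files below are constructed.
"""
from dataclasses import dataclass

# Constructed sample files (assumption: a small 4.x-style system).
PASSWD = """\
root:*:0:0:Charlie &:/root:/bin/csh
ftp:*:14:5:Anonymous FTP:/var/ftp:/usr/sbin/nologin
ahsan:*:1001:1001:Ahsan Khan:/home/ahsan:/usr/local/bin/bash
bob:*:1002:1001:Bob:/home/bob:/bin/sh
web:*:1003:80:Web deploy:/usr/local/www:/bin/sh
backup:*:1004:1004:Backup:/home/backup:/usr/sbin/nologin
"""
GROUP = """\
wheel:*:0:root
www:*:80:
users:*:1001:ahsan,bob
"""
FTPUSERS = "# users denied ftp access\nroot\ntoor\n"
SHELLS = "/bin/sh\n/bin/csh\n/usr/local/bin/bash\n"
# ftpchroot(5): user or @group, optional directory (later-release syntax).
FTPCHROOT = "# confine these logins\nbob\n@www /usr/local/www\n"
ANON_USER = "ftp"  # assumption: the anonymous account name


@dataclass
class Verdict:
    user: str
    outcome: str  # "denied", "chrooted" or "unchrooted"
    root: str     # directory the session sees as "/"


def _fields(text):
    """Non-empty, non-comment lines split into whitespace fields."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield line.split()


def parse_passwd(text):
    users = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            name, _pw, _uid, gid, _gecos, home, shell = line.split(":")
            users[name] = {"gid": gid, "home": home, "shell": shell}
    return users


def parse_group(text):
    """Return gid -> group name and group name -> listed members."""
    by_gid, members = {}, {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            name, _pw, gid, mem = line.split(":")
            by_gid[gid] = name
            members[name] = {m for m in mem.split(",") if m}
    return by_gid, members


def parse_ftpchroot(text):
    """Return (user -> dir or None, group -> dir or None)."""
    users, groups = {}, {}
    for f in _fields(text):
        target = f[1] if len(f) > 1 else None
        (groups if f[0].startswith("@") else users)[f[0].lstrip("@")] = target
    return users, groups


def audit(passwd, group, ftpusers, shells, ftpchroot):
    """Map each account to the ftpd outcome implied by the five files."""
    pw = parse_passwd(passwd)
    gid_name, members = parse_group(group)
    denied = {f[0] for f in _fields(ftpusers)}
    valid_shells = {f[0] for f in _fields(shells)}
    cu, cg = parse_ftpchroot(ftpchroot)
    out = {}
    for name, info in pw.items():
        anon = name == ANON_USER
        if name in denied or (not anon and info["shell"] not in valid_shells):
            out[name] = Verdict(name, "denied", "")
        elif anon:  # anonymous logins are always confined to the home dir
            out[name] = Verdict(name, "chrooted", info["home"])
        elif name in cu:
            out[name] = Verdict(name, "chrooted", cu[name] or info["home"])
        else:
            groups = {g for g, m in members.items() if name in m}
            groups.add(gid_name.get(info["gid"], ""))
            hit = next((g for g in cg if g in groups), None)
            if hit is not None:
                out[name] = Verdict(name, "chrooted", cg[hit] or info["home"])
            else:  # valid shell, not confined: "cd /" reaches the real root
                out[name] = Verdict(name, "unchrooted", "/")
    return out


def unchrooted_logins(verdicts):
    return sorted(u for u, v in verdicts.items() if v.outcome == "unchrooted")


if __name__ == "__main__":
    for v in audit(PASSWD, GROUP, FTPUSERS, SHELLS, FTPCHROOT).values():
        print(f"{v.user:8} {v.outcome:11} {v.root}")
```

With the sample files, only ahsan (a valid bash shell, listed nowhere) lands in the real filesystem, which is the situation the PR describes; adding the name to /etc/ftpchroot, or the whole group with an @group line, is the corresponding fix on the server side.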
>Unformatted:
