FS#62889 - [vsftpd] Bug in seccomp sandbox
Attached to Project:
Community Packages
Opened by Paul Schaefer (schaeferpp) - Thursday, 13 June 2019, 13:35 GMT
Last edited by Levente Polyak (anthraxx) - Thursday, 04 July 2019, 22:57 GMT
Details
Description:
The seccomp sandbox feature of vsftpd prevents FTP users from getting a directory listing. In the default setting a new process is created for each FTP connection, which dies from the signal SIGSYS when trying to do a directory listing. The seccomp_sandbox option of vsftpd is active in the default configuration; when disabling this (setting seccomp_sandbox=NO in /etc/vsftpd.conf) the directory listing works as intended. This presumably is a bug in vsftpd because it allows the execution of the getdents syscall, but not the getdents64 syscall, which is used at least on my two Arch Linux machines. This problem can be fixed by patching vsftpd. Applying the following patch in vsftpd fixes the bug.

--- seccompsandbox.c 2019-06-13 15:08:59.290349197 +0200
+++ seccompsandbox.c.orig 2019-06-13 15:30:04.614378983 +0200
@@ -409,7 +409,6 @@
allow_nr(__NR_getcwd);
allow_nr(__NR_chdir);
allow_nr(__NR_getdents);
- allow_nr(__NR_getdents64);
/* Misc */
allow_nr(__NR_umask);

Unfortunately, I did not find a way to propose this patch for upstream.

Additional info:
* glibc in version 2.29
* vsftpd in version 3.0.3-4

Steps to reproduce:
1. Install vsftpd
2. strace -f vsftpd
3. use `ftp` tool to connect to localhost, user "anonymous", password empty
4. execute `ls` in the interactive ftp client
5. observe strace's output
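Review bot: the hunk is reversed. `---` names `seccompsandbox.c` and `+++` names `seccompsandbox.c.orig`, and the header `@@ -409,7 +409,6 @@` together with `- allow_nr(__NR_getdents64);` describes removing the very call the description says is missing, so against a stock 3.0.3 tree (which has no such line) the hunk would not apply. Swap the two file arguments to diff so the hunk reads `+ allow_nr(__NR_getdents64);` with header `@@ -409,6 +409,7 @@`.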
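To make the failure mode in the report concrete, here is an added example written for this page, not vsftpd's own code: a C program that forks a child, installs a seccomp-BPF filter in it, and then lists a directory through opendir()/readdir(), which glibc 2.29 and later (and musl) implement with the getdents64 syscall. With getdents64 denied the child is killed with SIGSYS, the same signal the reporter saw under strace; with it allowed the listing succeeds. The filter is deliberately simplified to default-allow (vsftpd's sandbox is a default-deny allowlist), the names install_filter, list_dir_sandboxed and SANDBOX_FAILED are my own, and the code assumes Linux on x86_64, aarch64 or i386.

```c
#include <dirent.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Architecture tag the filter expects. A filter must check this before
 * trusting the syscall number, since numbers differ between ABIs.
 * (Hypothetical example code, not taken from vsftpd.) */
#if defined(__x86_64__)
#define EXPECTED_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define EXPECTED_ARCH AUDIT_ARCH_AARCH64
#elif defined(__i386__)
#define EXPECTED_ARCH AUDIT_ARCH_I386
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Returned by list_dir_sandboxed() when fork()/waitpid() itself failed. */
#define SANDBOX_FAILED (-1000)

/* Install a seccomp-BPF filter in the calling process. vsftpd's sandbox is a
 * default-deny allowlist; to stay short this one is default-allow and only
 * differs on getdents64: allowed when allow_getdents64 != 0, otherwise the
 * process is killed with SIGSYS, which is what the bug report observed. */
static int install_filter(int allow_getdents64)
{
    struct sock_filter filter[] = {
        /* A = arch; kill if the filter is running under a different ABI */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, EXPECTED_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        /* A = syscall number */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        /* getdents64 -> next statement decides; any other syscall -> allow */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_getdents64, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, allow_getdents64 ? SECCOMP_RET_ALLOW : SECCOMP_RET_KILL),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = {
        .len = sizeof(filter) / sizeof(filter[0]),
        .filter = filter,
    };
    /* Required before an unprivileged process may install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Fork a child that installs the filter and lists `path` the way an FTP
 * daemon would, via opendir()/readdir(). Returns the child's exit status
 * (0 = listing succeeded), -SIG if the child was killed by signal SIG, or
 * SANDBOX_FAILED if fork()/waitpid() failed. */
static int list_dir_sandboxed(const char *path, int allow_getdents64)
{
    pid_t pid = fork();
    if (pid < 0)
        return SANDBOX_FAILED;
    if (pid == 0) {
        if (install_filter(allow_getdents64) != 0)
            _exit(2);
        DIR *d = opendir(path);
        if (d == NULL)
            _exit(3);
        int entries = 0;
        struct dirent *e;
        while ((e = readdir(d)) != NULL)   /* first readdir() issues getdents64 */
            entries++;
        closedir(d);
        _exit(entries > 0 ? 0 : 4);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return SANDBOX_FAILED;
    if (WIFSIGNALED(status))
        return -WTERMSIG(status);
    return WEXITSTATUS(status);
}

int main(void)
{
    int broken = list_dir_sandboxed("/", 0);   /* mirrors 3.0.3-4: no getdents64 */
    int fixed = list_dir_sandboxed("/", 1);    /* mirrors the fix: getdents64 allowed */
    printf("getdents64 denied:  %s\n",
           broken == -SIGSYS ? "child killed by SIGSYS" : "unexpected result");
    printf("getdents64 allowed: %s\n",
           fixed == 0 ? "listing succeeded" : "unexpected result");
    return (broken == -SIGSYS && fixed == 0) ? 0 : 1;
}
```

Because the filter's failure action is a kill rather than an error return, the process simply disappears, which is why the reporter only saw the cause with `strace -f`: the `--- SIGSYS` line names the syscall that the allowlist missed. When maintaining an allowlist like vsftpd's, the same technique (run under strace, or temporarily use a logging action instead of kill during development) is the quickest way to catch a libc update that starts using a different syscall for the same libc call.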
Closed by Levente Polyak (anthraxx)
Thursday, 04 July 2019, 22:57 GMT
Reason for closing: Fixed
Additional comments about closing: 3.0.3-6
The correct patch is as follows.
--- seccompsandbox.c.orig 2019-06-13 15:30:04.614378983 +0200
+++ seccompsandbox.c 2019-06-13 15:08:59.290349197 +0200
@@ -409,6 +409,7 @@
allow_nr(__NR_getcwd);
allow_nr(__NR_chdir);
allow_nr(__NR_getdents);
+ allow_nr(__NR_getdents64);
/* Misc */
allow_nr(__NR_umask);
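Review bot: the added `+ allow_nr(__NR_getdents64);` line carries no comment saying why both getdents and getdents64 must stay in the allowlist; a one-line note next to it (per the report, glibc 2.29 implements readdir through getdents64, so omitting it makes every directory listing die with SIGSYS) would stop a later cleanup from dropping one of the two as redundant. The orientation is otherwise right: `---` is the `.orig` file, `+++` the patched one, and the header `@@ -409,6 +409,7 @@` matches a single added line.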