10.6. Guest Accounts

Logging into the FTP server under a real (non-guest) user name lets that user walk the entire file system, limited only by ordinary file permissions. In most cases, however, real users only need to work with their own documents, so guest accounts, confined to their own directories, suffice for all of them. Consider an example of how this is set up.

First, a new account is created for the user; name it robert_ftp. This is done using the following command:

 useradd robert_ftp 

The corresponding entry for this account in the /etc/passwd file should look similar to the following:

 robert_ftp:x:507:507::/home/robert_ftp:/bin/bash 

This is a standard new user entry. But this account can be used to log into the system locally, and you only want to give it FTP access. Change the shell for the user to /bin/ftponly. There is no such shell right now, but it will be created a little later. In addition, the /home/robert_ftp directory has to be made the user's root directory: wu-ftpd confines guest users to it with chroot. This is done by appending /. (slash, dot) to the home directory path; everything before the /. is the directory the server changes its root to, and everything after it is the directory the session starts in.

The edited entry for the robert_ftp user in the /etc/passwd file should look as follows :

 robert_ftp:x:507:507::/home/robert_ftp/.:/bin/ftponly 

Note that the /bin/ftponly shell file does not exist yet. Create it now; only one such file is needed, and it is shared by all guest accounts. The file is created with the cat command as follows:

 cat >> /bin/ftponly 

The command creates a file named ftponly in the /bin/ directory and redirects all subsequent console input to it. Enter the following text from the console:

 #! /bin/sh
 echo 'You are not allowed to log in interactively'
 exit 0

Press the <Ctrl>+<D> key combination (end of input). This closes the file, terminates the entry mode, and takes you back to the regular console prompt.

The first command in the /bin/ftponly file displays the message saying an interactive login is not allowed, and the second terminates the session.

Now the /bin/ftponly file has to be made executable. This is done by the following command:

 chmod 755 /bin/ftponly 

Thus, you have a new user and a shell file for this user. An attempt to log into the system as robert_ftp displays the "You are not allowed to log in interactively" message for a moment, after which the login session is terminated. Thus, you will not be able to log into the system as robert_ftp. One more detail matters for the FTP side: wu-ftpd, like most FTP daemons, refuses logins for accounts whose shell is not listed in /etc/shells, so add the line /bin/ftponly to that file as well.

Instead of the /bin/ftponly file, the /dev/null device can be used as the shell. This is a null device, which cannot execute commands, so a user with this shell cannot enter the system. It is sometimes specified in the /etc/passwd file as the shell for system accounts not intended for interactive work (the same /etc/shells requirement applies if such an account is to use FTP).

There is one little thing left: Tell the FTP server that the robert_ftp user is a guest. This is done by adding the following entry to the ftpaccess file:

 guestuser robert_ftp 

Now, when connecting to the FTP server as robert_ftp, you will only be able to see your own directory, which appears to be the root directory. The directories above it are not visible.
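The whole procedure above, collected into one script. This is an added example, not code from the book or from wu-ftpd: it creates the shared /bin/ftponly shell, lists it in /etc/shells (wu-ftpd rejects accounts whose shell is not listed there), rewrites the user's /etc/passwd entry with the /. chroot marker and the new shell, and adds the guestuser line to ftpaccess. The account itself is still created with useradd beforehand. Two things are assumptions of the example: every path is taken relative to $ROOT (default /) so the script can be rehearsed in a scratch directory before being run as root, and ftpaccess is assumed to live at /etc/ftpaccess, which varies between distributions.

```shell
#!/bin/sh
# Added example, not code from the book or wu-ftpd: turn an existing account
# into a wu-ftpd guest. Run "useradd robert_ftp" first, then
# "./ftpguest.sh robert_ftp" as root. ROOT (assumed, default "/") lets the
# script be rehearsed in a scratch tree; /etc/ftpaccess is the assumed
# location of the ftpaccess file.
ROOT="${ROOT:-/}"
FTPSHELL=/bin/ftponly

# Rewrite one passwd line: append the "/." chroot marker to the home
# directory (unless it is already there) and replace the login shell.
guest_passwd_line() {   # $1 = passwd line, $2 = new shell
    printf '%s\n' "$1" | awk -F: -v OFS=: -v sh="$2" \
        '{ if ($6 !~ /\/\.$/) $6 = $6 "/."; $7 = sh; print }'
}

make_ftp_guest() {      # $1 = user name
    u=$1
    mkdir -p "$ROOT/bin" "$ROOT/etc"

    # 1. One no-login shell shared by every guest account.
    if [ ! -x "$ROOT$FTPSHELL" ]; then
        cat > "$ROOT$FTPSHELL" <<'EOF'
#!/bin/sh
echo 'You are not allowed to log in interactively'
exit 0
EOF
        chmod 755 "$ROOT$FTPSHELL"
    fi

    # 2. wu-ftpd refuses logins whose shell is not listed in /etc/shells.
    grep -qx "$FTPSHELL" "$ROOT/etc/shells" 2>/dev/null \
        || echo "$FTPSHELL" >> "$ROOT/etc/shells"

    # 3. Chroot the user to the home directory and take away the real shell.
    tmp=$(mktemp)
    while IFS= read -r line; do
        case "$line" in
            "$u":*) guest_passwd_line "$line" "$FTPSHELL" ;;
            *)      printf '%s\n' "$line" ;;
        esac
    done < "$ROOT/etc/passwd" > "$tmp"
    cat "$tmp" > "$ROOT/etc/passwd"     # keep the original inode and mode
    rm -f "$tmp"

    # 4. Tell wu-ftpd the account is a guest.
    grep -qx "guestuser $u" "$ROOT/etc/ftpaccess" 2>/dev/null \
        || echo "guestuser $u" >> "$ROOT/etc/ftpaccess"
}

if [ $# -gt 0 ]; then
    make_ftp_guest "$1"
fi
```

Every step is idempotent, so the script can be rerun for the same user without duplicating the guestuser line or stacking a second /. onto the home directory. Rehearse it with ROOT pointing at a copy of the relevant files before touching the live /etc/passwd.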

On my system, all FTP users work only as guests in their own directories, or anonymously with shared directories. Real FTP user accounts are created only for selected administrators and then only when necessary, because such accounts are more difficult to control.

You only have to restrict access for guest users to a certain directory, with the server protecting the rest. However, there can be problems here. Consider a classic programmer error. Suppose that a user is allowed access to the /home/robert directory and that the server enforces this by simply checking that every path the user submits starts with this string. To the user, this directory appears to be the root (/) directory, and it should not be possible to reach anything above it. But take a look at the following command:

 cat /home/robert/../../../../../etc/passwd 

It is supposed to display the contents of the /home/robert/../../../../../etc/passwd file, but what it actually displays is the content of /etc/passwd. The beginning of the path satisfies the prefix check, so the path is accepted as valid. But it is followed by several ../ components, each of which moves one directory up. Repeated enough times, they take the user to the real root directory, and the final /etc/passwd part reaches the password file.

Despite being so obvious and easy to avoid, this bug is quite common. All the programmer has to do is canonicalize the path (resolve every . and ../ component) before comparing it with the allowed directory, or reject any path containing ../ outright. wu-ftpd does not have this bug now; guest accounts are enforced with chroot, so the kernel, rather than a string comparison, keeps the user inside the directory. But a server can acquire such a bug with an update, when a check is disabled or deleted. This type of thing happens, especially when software is developed by a team and the quality control of the overall product is deficient.
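The flawed prefix check described above next to a corrected one, as an added example that is not from the book or from wu-ftpd. Both functions take the user's root directory and the requested absolute path and print "allow" or "deny". The corrected version first resolves . and .. lexically and then requires the root to match as whole path components, so /home/robertson is no longer accepted as /home/robert either. The function names and the allow/deny output are this example's own conventions.

```shell
#!/bin/sh
# Added example, not from the book or wu-ftpd: a prefix-only path check
# beside one that canonicalizes the path first.

# The bug: accept anything that begins with the root string.
naive_check() {         # $1 = root, $2 = requested path
    case "$2" in
        "$1"*) echo allow ;;
        *)     echo deny ;;
    esac
}

# Resolve "." and ".." lexically, so "/home/robert/../../etc/passwd"
# becomes "/etc/passwd" before any comparison is made. ".." at the top
# stays at "/". Symlinks are not followed; that is the kernel's job once
# the process is chroot()ed.
normalize_path() {      # $1 = absolute path
    _out=""
    _ifs=$IFS; IFS=/; set -f
    for _c in $1; do
        case "$_c" in
            ""|".") ;;                        # doubled slash or current dir
            "..")   _out="${_out%/*}" ;;      # drop last component
            *)      _out="$_out/$_c" ;;
        esac
    done
    set +f; IFS=$_ifs
    printf '%s\n' "${_out:-/}"
}

# The fix: canonicalize, then require the root as a whole component
# prefix, so "/home/robertson" does not pass as "/home/robert".
safe_check() {          # $1 = root, $2 = requested path
    _r=$(normalize_path "$1"); _p=$(normalize_path "$2")
    case "$_p" in
        "$_r"|"$_r"/*) echo allow ;;
        *)             echo deny ;;
    esac
}

if [ $# -eq 2 ]; then
    printf 'naive: %s\nsafe:  %s\n' "$(naive_check "$1" "$2")" "$(safe_check "$1" "$2")"
fi
```

Running it as ./pathcheck.sh /home/robert /home/robert/../../../../../etc/passwd prints "naive: allow" and "safe: deny". Lexical normalization is the minimum for an application that implements its own confinement; when the process can afford it, a real chroot(2) removes the problem altogether because the kernel resolves .. at the root to the root itself.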



Hacker Linux Uncovered
ISBN: 1931769508
Year: 2004
Pages: 141
