Ticket #2220 (closed defect: fixed)
FTP directories containing @ result in severe security risks (e.g. deletion of homedir)
| Reported by: | paulnasca | Owned by: | |
|---|---|---|---|
| Priority: | critical | Milestone: | 4.8.0-pre1 |
| Component: | mc-vfs | Version: | 4.7.0.1 |
| Keywords: | | Cc: | |
| Blocked By: | | Blocking: | |
| Branch state: | | Votes for changeset: | |
Description
If I log in to FTP using mc 4.7.0.1 (vfs FTP) and there are directories which contain the "@" character inside the directory name, MC treats it like a "hard link" which points to the home directory (remote or local - in some cases it was the remote directory and in other cases the local directory). So, if I want to recursively delete that directory, I end up recursively deleting the local or remote homedir. This does not happen with older versions of mc.
Steps to reproduce:
1) using a different client, log in to your FTP server (with login and password) and create a directory "test@…" in any subdirectory
2) using the Midnight Commander FTP plugin, log in to the same server
3) browse to "test@…" and, if you enter that directory, you'll notice that you are in the home directory (or another directory)
4) (don't do this): if you recursively delete it, you'll end up deleting the whole directory/subdirectories where "test@…" "points" to
I am using Ubuntu 10.4 and mc -V gives this:
GNU Midnight Commander 4.7.0.1
Virtual File System: tarfs, extfs, cpiofs, ftpfs, fish
With builtin Editor
Using system-installed S-Lang library with terminfo database
With subshell support as default
With support for background operations
With mouse support on xterm
With support for X11 events
With internationalization support
With multiple codepages support
Data types: char 8 int 32 long 32 void * 32 off_t 64 ecs_char 8
(In #2361) Merge changeset:f2ebbd2eb4bd9e196963ecaf1f79b31986ad64ac
For getting list of commits in branch type: