Issues w/ timezones on gssftpd

Philip Prindeville philipp at redfish-solutions.com
Wed Nov 29 22:17:46 EST 2006 

Russ Allbery wrote:

>Tom Yu <tlyu at MIT.EDU> writes:
>
>  
>
>>It's possible that, in addition to copying /etc/localtime, you may have
>>to copy the entire contents of /usr/share/lib/zoneinfo or whatever the
>>relevant set of database files is.  (assuming someone has set TZ to a
>>value which causes lookups in the timezone database) I think POSIX also
>>defines the value of TZ to override implementation-defined behavior,
>>unless the value of TZ begins with a ":" character.
>>    
>>
>
>I can definitely see the benefit of not having to do this if it's as
>simple as calling tzset before chroot.  I believe tzset is portable to any
>Unix-like system (I could be wrong, but it would surprise me).
>
>Calling tzset first won't help with forking subprocesses, but if that's
>not involved, it's a fairly neat solution to the problem.
>  
>

The fix could be as simple as making sure ctime() gets called
before the chroot(). See the latest patch (attached).

It sacrifices clarity for simplicity/portability, though... Except that
I just tested the fix, and it doesn't work:

Nov 29 19:40:33 mail ftpd[25081]: connection from 192.168.1.8 (pvr.redfish-solutions.com) at Wed Nov 29 19:40:33 2006
Nov 29 19:40:37 mail ftpd[25081]: ANONYMOUS FTP LOGIN FROM 192.168.1.8, pvr.redfish-solutions.com (guest)
Nov 30 02:41:03 mail ftpd[25081]: get /pub/resume-ng.doc
Nov 30 02:41:03 mail ftpd[25081]: get: 55296 bytes transferred



Might still be cleaner to add a HAVE_TZSET hook in the
configure.in script (which I don't know how to do, so I'll have
to dig) and then make the code conditional. Is that acceptable?
Would it need to call tzset_r() as well?


>>I think it would be more correct to configure the chroot environment so
>>that the OS can correctly handle the timezone.
>>    
>>
>
>I don't disagree with this, and certainly that would be more reliable, but
>I can see the argument that people won't know to do this and it requires
>some additional setup that could be avoided.
>
>  
>

I agree: why leave it to the individual to take additional configuration
steps (which he might, after all botch) when you can have the process
load up whatever context it needs before going into its chroot() jail?

If you can make the program do things correctly 100% of the time,
that seems a surer bet than relying on the user to get things correct
100% of the time.

And to further muddy the waters, reading from the tzset man page:

    The  system  time  zone  directory used depends on the (g)libc version.

So... the person setting up the anonymous FTPD jail would also
have to know where the relevant files live for the version of the
glibc that he's using.


-Philip

-------------- next part --------------
A non-text attachment was scrubbed...
Name: gssftpd-timestamp3.patch
Type: text/x-patch
Size: 547 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20061129/9631f3fc/attachment.bin

More information about the krbdev mailing list