There is a rather serious bug in the SCO port of wu-ftpd 2.4. The file
support/sco.c, which is used when compiling under SCO 3.2, contains an
initgroups() routine since this routine is missing under SCO. This
routine declares an array of group IDs as an "int" rather than a
"gid_t". Since "gid_t" is a typedef for "short" on SCO, the array of
group IDs passed to setgroups() by initgroups() is effectively
corrupted. In my particular case, this was resulting in users logged
in under their own user IDs having unauthorized access to group 0
(root), though results would vary based on actual group membership.

The file "sco.c" is also used by the ISC port of wu-ftpd, so that OS
may also be vulnerable.

The problem is easily fixed by declaring the array "groups" as "gid_t",
recompiling, and reinstalling.

--
John W. Temples, III || Providing the first public access Internet
Gulfnet Kuwait || site in the Arabian Gulf region
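
Added example, not part of the original post and not wu-ftpd's code: a small C model of why an int array handed to a routine that reads 16-bit gid_t entries yields a spurious group 0. It assumes a 32-bit int, a 16-bit short and x86 little-endian byte order; the function names and sample GIDs are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAXG 8

/* Lay out n 32-bit ints the way x86 stores them (little-endian). */
static void store_int32_le(const int32_t *src, size_t n, unsigned char *buf) {
    for (size_t i = 0; i < n; i++) {
        uint32_t v = (uint32_t)src[i];
        for (int b = 0; b < 4; b++)
            buf[4 * i + b] = (unsigned char)(v >> (8 * b));
    }
}

/* Read n 16-bit gid_t values from the same bytes, as setgroups(n, ...)
   would when gid_t is a short. */
static void load_gid16_le(const unsigned char *buf, size_t n, int16_t *out) {
    for (size_t i = 0; i < n; i++)
        out[i] = (int16_t)(uint16_t)(buf[2 * i] | (buf[2 * i + 1] << 8));
}

/* Model of the bug: the list is built as int but consumed as short.
   Fills seen[] with what the kernel would read and returns how many
   entries read back as group 0 (-1 if n is too large). */
int buggy_view(const int32_t *groups, size_t n, int16_t *seen) {
    unsigned char buf[4 * MAXG];
    int zeros = 0;
    if (n > MAXG) return -1;
    store_int32_le(groups, n, buf);
    load_gid16_le(buf, n, seen);
    for (size_t i = 0; i < n; i++)
        if (seen[i] == 0) zeros++;
    return zeros;
}

int main(void) {
    int32_t groups[] = {100, 50, 20};   /* constructed sample GIDs */
    int16_t seen[MAXG];
    int z = buggy_view(groups, 3, seen);
    for (int i = 0; i < 3; i++)
        printf("intended %d -> kernel sees %d\n", (int)groups[i], (int)seen[i]);
    printf("entries read as group 0: %d\n", z);
    return 0;
}
```

The zero high half of each small int lands in every second 16-bit slot, so the list gains group 0 and loses the user's later groups; with the array declared as gid_t the element width matches and the list is read back unchanged.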