Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
X-RT-Original-Encoding: iso-8859-1
Content-Length: 2407

From cthallen@aol.net  Thu Dec  6 12:36:39 2001
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76])
	by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id MAA17810
	for <bugs@RT-11.mit.edu>; Thu, 6 Dec 2001 12:36:34 -0500 (EST)
Received: from darkthunder.office.aol.com (pix2-137.pix.aol.com [152.163.191.137])
	by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id MAA21135
	for <krb5-bugs@mit.edu>; Thu, 6 Dec 2001 12:36:33 -0500 (EST)
Received: (from cthallen@localhost)
	by darkthunder.office.aol.com (8.9.3+Sun/8.9.3) id MAA09891;
	Thu, 6 Dec 2001 12:36:33 -0500 (EST)
Message-Id: <200112061736.MAA09891@darkthunder.office.aol.com>
Date: Thu, 6 Dec 2001 12:36:33 -0500 (EST)
From: cthallen@aol.net
Reply-To: cthallen@aol.net
To: krb5-bugs@mit.edu
Cc: syssec@aol.net
Subject: FTPd no user home directory on Solaris causes hang
X-Send-Pr-Version: 3.99

>Number:         1024
>Category:       pending
>Synopsis:       FTPd no user home directory on Solaris causes hang during login
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    gnats-admin
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Thu Dec  6 12:37:00 EST 2001
>Last-Modified:
>Originator:     Chris Hallenbeck
>Organization:
>Release:        krb5-1.2.2
>Environment:
	
System: SunOS ktest 5.7 Generic_106541-09 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4

>Description:
	When using MIT ftp client to connect to an MIT (or Cygnus Kerbnet) ftp
daemon -- where the target host is Solaris 2.6 or newer, the login process will
hang if the target user does not have an accessible home directory (bad perms
or  non-existant path).
>How-To-Repeat:
1) Remove/rename home directory of target user on a Solaris 2.6 or newer host.
2) ftp to target host, when prompted for a username, enter the target user that
has no home directory
 You will receive a banner similar to:
232 GSSAPI user ________@TEST.COM is authorized as _target-user_
 
 and the connection will hang.
3) Performing a clear-text login using the OS-supplied ftp client will NOT encounter
this hang.  It appears that the "230- No directory! Logging in with home=/" error
message from the MIT ftp daemon confuses the MIT ftp client.
>Fix:
1) If practical, create a user home directory (not always possible due to policy/politics).
2) Use encrypted rcp. :-(
>Audit-Trail:
>Unformatted: