source: trunk/minix/commands/ftpd200/ftpd.8@ 20

Last change on this file since 20 was 9, checked in by Mattia Monga, 14 years ago

Minix 3.1.2a

File size: 5.1 KB
RevLine 
[9]1.\" Copyright (c) 1985 Regents of the University of California.
2.\" All rights reserved. The Berkeley software License Agreement
3.\" specifies the terms and conditions for redistribution.
4.\"
5.\" @(#)ftpd.8c 6.4 (Berkeley) 5/28/86
6.\"
7.TH FTPD 8
8.SH NAME
9ftpd, in.ftpd, ftpdsh, setup.anonftp \- DARPA Internet File Transfer Protocol server
10.SH SYNOPSIS
11.B "ftp stream tcp nowait root /usr/bin/in.ftpd in.ftpd"
12.br
13.B "tcpd ftp /usr/bin/in.ftpd"
14.SH DESCRIPTION
15.B Ftpd
16is the DARPA Internet File Transfer Prototocol
17server process. The server uses the TCP protocol
18and listens at the port specified in the ``ftp''
19service specification; see
20.BR services (5).
21.PP
22The ftp server currently supports the following ftp
23requests; case is not distinguished.
24.PP
25.nf
26.ta \w'Request 'u
27\fBRequest Description\fP
28ABOR abort previous command
29ACCT specify account (ignored)
30ALLO allocate storage (vacuously)
31APPE append to a file
32CDUP change to parent of current working directory
33CWD change working directory
34DELE delete a file
35HELP give help information
36LIST give list files in a directory (``ls -lA'')
37MKD make a directory
38MODE specify data transfer \fImode\fP
39NLST give name list of files in directory (``ls'')
40NOOP do nothing
41PASS specify password
42PASV prepare for server-to-server transfer
43PORT specify data connection port
44PWD print the current working directory
45QUIT terminate session
46RETR retrieve a file
47RMD remove a directory
48RNFR specify rename-from file name
49RNTO specify rename-to file name
50STOR store a file
51STOU store a file with a unique name
52STRU specify data transfer \fIstructure\fP
53TYPE specify data transfer \fItype\fP
54USER specify user name
55XCUP change to parent of current working directory
56XCWD change working directory
57XMKD make a directory
58XPWD print the current working directory
59XRMD remove a directory
60.fi
61.PP
62The remaining ftp requests specified in Internet RFC 959 are
63recognized, but not implemented.
64.PP
65The ftp server will abort an active file transfer only when the
66ABOR command is preceded by a Telnet "Interrupt Process" (IP)
67signal and a Telnet "Synch" signal in the command Telnet stream,
68as described in Internet RFC 959.
69.PP
70.B Ftpd
71interprets file names according to the ``globbing''
72conventions used by
73.BR csh (1).
74This allows users to utilize the metacharacters ``*?[]{}~''.
75.PP
76.B Ftpd
77authenticates users according to two rules.
78.IP 1)
79The user name must be in the password data base,
80.BR /etc/passwd ,
81and not have a null password. In this case a password
82must be provided by the client before any file operations
83may be performed.
84.IP 2)
85If the user name is ``anonymous'' or ``ftp'', an
86anonymous ftp account must be present in the password
87file (user ``ftp''). In this case the user is allowed
88to log in by specifying any password (by convention this
89is given as the client host's name).
90.PP
91In the last case,
92.B ftpd
93takes special measures to restrict the client's access privileges.
94The server performs a
95.BR chroot (2)
96command to the home directory of the ``ftp'' user.
97In order that system security is not breached, it is recommended
98that the ``ftp'' subtree be constructed with care; the following
99rules are recommended.
100.IP ~ftp)
101Make the home directory owned by ``ftp'' and unwritable by anyone.
102.IP ~ftp/bin)
103Make this directory owned by the super-user and unwritable by
104anyone. The program
105.BR ls (1)
106must be present to support the list commands.
107Also,
108.BR crc (1)
109must be present to support generating crcs using the site command,
110.BR tar (1)
111and
112.BR compress (1)
113must be present to support on-the-fly generation of .tar and .tar.Z archives,
114.BR gzip (1)
115must be present to support gzip compression, and
116.BR sh (1)
117must be present to support
118.BR ftpdsh (8)
119which also must be present.
120.BR ftpdsh controls which binaries can be used.
121These programs should all have mode 111.
122.IP ~ftp/etc)
123Make this directory owned by the super-user and unwritable by
124anyone. The files
125.BR passwd (5)
126and
127.BR group (5)
128must be present for the
129.B ls
130command to work properly. These files should be mode 444. They can (and
131should) be stripped down versions so as not to reveal names of users who
132are not owners of files in the ~ftp/pub directory tree.
133.IP ~ftp/pub)
134Make this directory mode 755 and owned by the super-user. Create
135directories in it owned by users if those users want to manage an
136anonymous ftp directory.
137.IP ~ftp/pub/incoming)
138Optionally create this directory for anonymous uploads. Make it mode
139777. The FTP daemon will create files with mode 266, so remote users
140can write a file, but only local users can do something with it.
141.PP
142The script
143.B setup.anonftp
144can be used to create or check an anonymous FTP tree.
145.SH "SEE ALSO"
146.BR ftp (1).
147.SH BUGS
148The anonymous account is inherently dangerous and should
149avoided when possible.
150.ig \" Minix doesn't have privileged port numbers (yet?)
151.PP
152The server must run as the super-user
153to create sockets with privileged port numbers. It maintains
154an effective user id of the logged in user, reverting to
155the super-user only when binding addresses to sockets. The
156possible security holes have been extensively
157scrutinized, but are possibly incomplete.
158..
159.\" man page updated by Al Woodhull 2005-02-25
160
161
Note: See TracBrowser for help on using the repository browser.