source: trunk/minix/man/man8/ftpd.8@ 20

Last change on this file since 20 was 9, checked in by Mattia Monga, 14 years ago

Minix 3.1.2a

File size: 4.6 KB
Line 
1.\" Copyright (c) 1985 Regents of the University of California.
2.\" All rights reserved. The Berkeley software License Agreement
3.\" specifies the terms and conditions for redistribution.
4.\"
5.\" @(#)ftpd.8c 6.4 (Berkeley) 5/28/86
6.\"
7.TH FTPD 8
8.SH NAME
9ftpd, in.ftpd, setup.anonftp \- DARPA Internet File Transfer Protocol server
10.SH SYNOPSIS
11.B "ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd"
12.br
13.B "tcpd ftp /usr/sbin/in.ftpd"
14.SH DESCRIPTION
15.B Ftpd
16is the DARPA Internet File Transfer Prototocol
17server process. The server uses the TCP protocol
18and listens at the port specified in the ``ftp''
19service specification; see
20.BR services (5).
21.PP
22The ftp server currently supports the following ftp
23requests; case is not distinguished.
24.PP
25.nf
26.ta \w'Request 'u
27\fBRequest Description\fP
28ABOR abort previous command
29ACCT specify account (ignored)
30ALLO allocate storage (vacuously)
31APPE append to a file
32CDUP change to parent of current working directory
33CWD change working directory
34DELE delete a file
35HELP give help information
36LIST give list files in a directory (``ls -lA'')
37MKD make a directory
38MODE specify data transfer \fImode\fP
39NLST give name list of files in directory (``ls'')
40NOOP do nothing
41PASS specify password
42PASV prepare for server-to-server transfer
43PORT specify data connection port
44PWD print the current working directory
45QUIT terminate session
46RETR retrieve a file
47RMD remove a directory
48RNFR specify rename-from file name
49RNTO specify rename-to file name
50STOR store a file
51STOU store a file with a unique name
52STRU specify data transfer \fIstructure\fP
53TYPE specify data transfer \fItype\fP
54USER specify user name
55XCUP change to parent of current working directory
56XCWD change working directory
57XMKD make a directory
58XPWD print the current working directory
59XRMD remove a directory
60.fi
61.PP
62The remaining ftp requests specified in Internet RFC 959 are
63recognized, but not implemented.
64.PP
65The ftp server will abort an active file transfer only when the
66ABOR command is preceded by a Telnet "Interrupt Process" (IP)
67signal and a Telnet "Synch" signal in the command Telnet stream,
68as described in Internet RFC 959.
69.PP
70.B Ftpd
71interprets file names according to the ``globbing''
72conventions used by
73.BR csh (1).
74This allows users to utilize the metacharacters ``*?[]{}~''.
75.PP
76.B Ftpd
77authenticates users according to three rules.
78.IP 1)
79The user name must be in the password data base,
80.BR /etc/passwd ,
81and not have a null password. In this case a password
82must be provided by the client before any file operations
83may be performed.
84.IP 2)
85The user name must not appear in the file
86.BR /etc/ftpusers .
87.IP 3)
88If the user name is ``anonymous'' or ``ftp'', an
89anonymous ftp account must be present in the password
90file (user ``ftp''). In this case the user is allowed
91to log in by specifying any password (by convention this
92is given as the client host's name).
93.PP
94In the last case,
95.B ftpd
96takes special measures to restrict the client's access privileges.
97The server performs a
98.BR chroot (2)
99command to the home directory of the ``ftp'' user.
100In order that system security is not breached, it is recommended
101that the ``ftp'' subtree be constructed with care; the following
102rules are recommended.
103.IP ~ftp)
104Make the home directory owned by ``ftp'' and unwritable by anyone.
105.IP ~ftp/bin)
106Make this directory owned by the super-user and unwritable by
107anyone. The program
108.BR ls (1)
109must be present to support the list commands. This
110program should have mode 111.
111.IP ~ftp/etc)
112This directory could be created, and could have
113.BR passwd (5)
114and
115.BR group (5)
116databases in it so that
117.B ls
118can show file ownership, but outsiders will grab your password file and
119misuse it to spam you. So don't bother.
120.IP ~ftp/pub)
121Make this directory mode 755 and owned by the super-user. Create
122directories in it owned by users if those users want to manage an
123anonymous ftp directory.
124.IP ~ftp/pub/incoming)
125Optionally create this directory for anonymous uploads. Make it mode
126777. The FTP daemon will create files with mode 266, so remote users
127can write a file, but only local users can do something with it.
128.PP
129The script
130.B setup.anonftp
131can be used to create or check an anonymous FTP tree.
132.SH "SEE ALSO"
133.BR ftp (1).
134.SH BUGS
135The anonymous account is inherently dangerous and should
136avoided when possible.
137.ig \" MINIX 3 doesn't have privileged port numbers (yet?)
138.PP
139The server must run as the super-user
140to create sockets with privileged port numbers. It maintains
141an effective user id of the logged in user, reverting to
142the super-user only when binding addresses to sockets. The
143possible security holes have been extensively
144scrutinized, but are possibly incomplete.
145..
Note: See TracBrowser for help on using the repository browser.