![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ftpd.8 CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDTahoe / man / man8|
Return to ftpd.8 CVS log | Up to [CSRG BSD Unix] / 43BSDTahoe / man / man8 |
1.1 ! root 1: .\" Copyright (c) 1985 Regents of the University of California. ! 2: .\" All rights reserved. The Berkeley software License Agreement ! 3: .\" specifies the terms and conditions for redistribution. ! 4: .\" ! 5: .\" @(#)ftpd.8c 6.4 (Berkeley) 5/28/86 ! 6: .\" ! 7: .TH FTPD 8C "April 27, 1985" ! 8: .UC 5 ! 9: .SH NAME ! 10: ftpd \- DARPA Internet File Transfer Protocol server ! 11: .SH SYNOPSIS ! 12: .B /etc/ftpd ! 13: [ ! 14: .B \-d ! 15: ] [ ! 16: .B \-l ! 17: ] [ ! 18: .BR \-t timeout ! 19: ] ! 20: .SH DESCRIPTION ! 21: .I Ftpd ! 22: is the DARPA Internet File Transfer Prototocol ! 23: server process. The server uses the TCP protocol ! 24: and listens at the port specified in the ``ftp'' ! 25: service specification; see ! 26: .IR services (5). ! 27: .PP ! 28: If the ! 29: .B \-d ! 30: option is specified, ! 31: debugging information is written to the syslog. ! 32: .PP ! 33: If the ! 34: .B \-l ! 35: option is specified, ! 36: each ftp session is logged in the syslog. ! 37: .PP ! 38: The ftp server ! 39: will timeout an inactive session after 15 minutes. ! 40: If the ! 41: .B \-t ! 42: option is specified, ! 43: the inactivity timeout period will be set to ! 44: .IR timeout . ! 45: .PP ! 46: The ftp server currently supports the following ftp ! 47: requests; case is not distinguished. ! 48: .PP ! 49: .nf ! 50: .ta \w'Request 'u ! 51: \fBRequest Description\fP ! 52: ABOR abort previous command ! 53: ACCT specify account (ignored) ! 54: ALLO allocate storage (vacuously) ! 55: APPE append to a file ! 56: CDUP change to parent of current working directory ! 57: CWD change working directory ! 58: DELE delete a file ! 59: HELP give help information ! 60: LIST give list files in a directory (``ls -lg'') ! 61: MKD make a directory ! 62: MODE specify data transfer \fImode\fP ! 63: NLST give name list of files in directory (``ls'') ! 64: NOOP do nothing ! 65: PASS specify password ! 66: PASV prepare for server-to-server transfer ! 67: PORT specify data connection port ! 68: PWD print the current working directory ! 69: QUIT terminate session ! 70: RETR retrieve a file ! 71: RMD remove a directory ! 72: RNFR specify rename-from file name ! 73: RNTO specify rename-to file name ! 74: STOR store a file ! 75: STOU store a file with a unique name ! 76: STRU specify data transfer \fIstructure\fP ! 77: TYPE specify data transfer \fItype\fP ! 78: USER specify user name ! 79: XCUP change to parent of current working directory ! 80: XCWD change working directory ! 81: XMKD make a directory ! 82: XPWD print the current working directory ! 83: XRMD remove a directory ! 84: .fi ! 85: .PP ! 86: The remaining ftp requests specified in Internet RFC 959 are ! 87: recognized, but not implemented. ! 88: .PP ! 89: The ftp server will abort an active file transfer only when the ! 90: ABOR command is preceded by a Telnet "Interrupt Process" (IP) ! 91: signal and a Telnet "Synch" signal in the command Telnet stream, ! 92: as described in Internet RFC 959. ! 93: .PP ! 94: .I Ftpd ! 95: interprets file names according to the ``globbing'' ! 96: conventions used by ! 97: .IR csh (1). ! 98: This allows users to utilize the metacharacters ``*?[]{}~''. ! 99: .PP ! 100: .I Ftpd ! 101: authenticates users according to three rules. ! 102: .IP 1) ! 103: The user name must be in the password data base, ! 104: .IR /etc/passwd , ! 105: and not have a null password. In this case a password ! 106: must be provided by the client before any file operations ! 107: may be performed. ! 108: .IP 2) ! 109: The user name must not appear in the file ! 110: .IR /etc/ftpusers . ! 111: .IP 3) ! 112: The user must have a standard shell returned by ! 113: .IR getusershell (3). ! 114: .IP 4) ! 115: If the user name is ``anonymous'' or ``ftp'', an ! 116: anonymous ftp account must be present in the password ! 117: file (user ``ftp''). In this case the user is allowed ! 118: to log in by specifying any password (by convention this ! 119: is given as the client host's name). ! 120: .PP ! 121: In the last case, ! 122: .I ftpd ! 123: takes special measures to restrict the client's access privileges. ! 124: The server performs a ! 125: .IR chroot (2) ! 126: command to the home directory of the ``ftp'' user. ! 127: In order that system security is not breached, it is recommended ! 128: that the ``ftp'' subtree be constructed with care; the following ! 129: rules are recommended. ! 130: .IP ~ftp) ! 131: Make the home directory owned by ``ftp'' and unwritable by anyone. ! 132: .IP ~ftp/bin) ! 133: Make this directory owned by the super-user and unwritable by ! 134: anyone. The program ! 135: .IR ls (1) ! 136: must be present to support the list commands. This ! 137: program should have mode 111. ! 138: .IP ~ftp/etc) ! 139: Make this directory owned by the super-user and unwritable by ! 140: anyone. The files ! 141: .IR passwd (5) ! 142: and ! 143: .IR group (5) ! 144: must be present for the ! 145: .I ls ! 146: command to work properly. These files should be mode 444. ! 147: .IP ~ftp/pub) ! 148: Make this directory mode 777 and owned by ``ftp''. Users ! 149: should then place files which are to be accessible via the ! 150: anonymous account in this directory. ! 151: .SH "SEE ALSO" ! 152: ftp(1C), getusershell(3), syslogd(8) ! 153: .SH BUGS ! 154: The anonymous account is inherently dangerous and should ! 155: avoided when possible. ! 156: .PP ! 157: The server must run as the super-user ! 158: to create sockets with privileged port numbers. It maintains ! 159: an effective user id of the logged in user, reverting to ! 160: the super-user only when binding addresses to sockets. The ! 161: possible security holes have been extensively ! 162: scrutinized, but are possibly incomplete.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.