![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ftpd.8 CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDTahoe / man / man8|
Return to ftpd.8 CVS log | Up to [CSRG BSD Unix] / 43BSDTahoe / man / man8 |
1.1 root 1: .\" Copyright (c) 1985 Regents of the University of California.
2: .\" All rights reserved. The Berkeley software License Agreement
3: .\" specifies the terms and conditions for redistribution.
4: .\"
5: .\" @(#)ftpd.8c 6.4 (Berkeley) 5/28/86
6: .\"
7: .TH FTPD 8C "April 27, 1985"
8: .UC 5
9: .SH NAME
10: ftpd \- DARPA Internet File Transfer Protocol server
11: .SH SYNOPSIS
12: .B /etc/ftpd
13: [
14: .B \-d
15: ] [
16: .B \-l
17: ] [
18: .BR \-t timeout
19: ]
20: .SH DESCRIPTION
21: .I Ftpd
22: is the DARPA Internet File Transfer Prototocol
23: server process. The server uses the TCP protocol
24: and listens at the port specified in the ``ftp''
25: service specification; see
26: .IR services (5).
27: .PP
28: If the
29: .B \-d
30: option is specified,
31: debugging information is written to the syslog.
32: .PP
33: If the
34: .B \-l
35: option is specified,
36: each ftp session is logged in the syslog.
37: .PP
38: The ftp server
39: will timeout an inactive session after 15 minutes.
40: If the
41: .B \-t
42: option is specified,
43: the inactivity timeout period will be set to
44: .IR timeout .
45: .PP
46: The ftp server currently supports the following ftp
47: requests; case is not distinguished.
48: .PP
49: .nf
50: .ta \w'Request 'u
51: \fBRequest Description\fP
52: ABOR abort previous command
53: ACCT specify account (ignored)
54: ALLO allocate storage (vacuously)
55: APPE append to a file
56: CDUP change to parent of current working directory
57: CWD change working directory
58: DELE delete a file
59: HELP give help information
60: LIST give list files in a directory (``ls -lg'')
61: MKD make a directory
62: MODE specify data transfer \fImode\fP
63: NLST give name list of files in directory (``ls'')
64: NOOP do nothing
65: PASS specify password
66: PASV prepare for server-to-server transfer
67: PORT specify data connection port
68: PWD print the current working directory
69: QUIT terminate session
70: RETR retrieve a file
71: RMD remove a directory
72: RNFR specify rename-from file name
73: RNTO specify rename-to file name
74: STOR store a file
75: STOU store a file with a unique name
76: STRU specify data transfer \fIstructure\fP
77: TYPE specify data transfer \fItype\fP
78: USER specify user name
79: XCUP change to parent of current working directory
80: XCWD change working directory
81: XMKD make a directory
82: XPWD print the current working directory
83: XRMD remove a directory
84: .fi
85: .PP
86: The remaining ftp requests specified in Internet RFC 959 are
87: recognized, but not implemented.
88: .PP
89: The ftp server will abort an active file transfer only when the
90: ABOR command is preceded by a Telnet "Interrupt Process" (IP)
91: signal and a Telnet "Synch" signal in the command Telnet stream,
92: as described in Internet RFC 959.
93: .PP
94: .I Ftpd
95: interprets file names according to the ``globbing''
96: conventions used by
97: .IR csh (1).
98: This allows users to utilize the metacharacters ``*?[]{}~''.
99: .PP
100: .I Ftpd
101: authenticates users according to three rules.
102: .IP 1)
103: The user name must be in the password data base,
104: .IR /etc/passwd ,
105: and not have a null password. In this case a password
106: must be provided by the client before any file operations
107: may be performed.
108: .IP 2)
109: The user name must not appear in the file
110: .IR /etc/ftpusers .
111: .IP 3)
112: The user must have a standard shell returned by
113: .IR getusershell (3).
114: .IP 4)
115: If the user name is ``anonymous'' or ``ftp'', an
116: anonymous ftp account must be present in the password
117: file (user ``ftp''). In this case the user is allowed
118: to log in by specifying any password (by convention this
119: is given as the client host's name).
120: .PP
121: In the last case,
122: .I ftpd
123: takes special measures to restrict the client's access privileges.
124: The server performs a
125: .IR chroot (2)
126: command to the home directory of the ``ftp'' user.
127: In order that system security is not breached, it is recommended
128: that the ``ftp'' subtree be constructed with care; the following
129: rules are recommended.
130: .IP ~ftp)
131: Make the home directory owned by ``ftp'' and unwritable by anyone.
132: .IP ~ftp/bin)
133: Make this directory owned by the super-user and unwritable by
134: anyone. The program
135: .IR ls (1)
136: must be present to support the list commands. This
137: program should have mode 111.
138: .IP ~ftp/etc)
139: Make this directory owned by the super-user and unwritable by
140: anyone. The files
141: .IR passwd (5)
142: and
143: .IR group (5)
144: must be present for the
145: .I ls
146: command to work properly. These files should be mode 444.
147: .IP ~ftp/pub)
148: Make this directory mode 777 and owned by ``ftp''. Users
149: should then place files which are to be accessible via the
150: anonymous account in this directory.
151: .SH "SEE ALSO"
152: ftp(1C), getusershell(3), syslogd(8)
153: .SH BUGS
154: The anonymous account is inherently dangerous and should
155: avoided when possible.
156: .PP
157: The server must run as the super-user
158: to create sockets with privileged port numbers. It maintains
159: an effective user id of the logged in user, reverting to
160: the super-user only when binding addresses to sockets. The
161: possible security holes have been extensively
162: scrutinized, but are possibly incomplete.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.