ftpd(1M) ftpd(1M)
NAME
ftpd, in.ftpd - file transfer protocol server
SYNOPSIS
in.ftpd [-B|-S] [-bdl] [-u mask] [-t timeout] [-T max-timeout]
[-F value] [-N value] [-W value] host.socket
DESCRIPTION
ftpd is the Internet File Transfer Protocol (FTP) server process. The
server is invoked by the Internet daemon inetd(1M) each time a connection
to the FTP service [see services(4)] is made, with the connection
available as descriptor 0 and the host and socket from which the
connection originated as argument.
OPTIONS
-B The -B option sets the LIBSOCKETBSD=YES environment variable for
the ftpd command. This means that BSD sockets will be used.
-S The -S option sets the LIBSOCKETBSD=NO environment variable for
the ftpd command. This means that STREAMS sockets will be used.
Note:
The -B or -S option overrides the current value of LIBSOCKETBSD
in the shell environment. If neither -B nor -S is given, the
behavior is determined at startup by the value of LIBSOCKETBSD in
the environment.
-b Disallows changing the IP address of the FTP client with the PORT
command: a data connection may only be made to the address of the
control connection. This prevents the "ftp bounce attack", but it
also means that ftpd no longer behaves in full compliance with
RFC 959. Changing the port on the client is still possible.
-d Activates debug mode. The debug information is sent to the syslog
daemon [see syslog(3C)].
-l Logs every FTP session via the syslog daemon.
-u mask
Sets the protection bit mask for access permissions to files to
mask. The protection bit mask is a three-digit octal number and
is used to specify the access permissions which are not to be
assigned (see also the umask command). The default setting for
mask is 027, which corresponds to rw-r-----.
-t timeout
Sets the inactivity timeout period to timeout, in seconds. By
default, the FTP server times out an inactive session after 15
minutes.
Page 1 Reliant UNIX 5.44 Printed 11/98
-T max-timeout
Sets the maximum timeout a client can request in the event of
inactivity to the value specified in max-timeout (in seconds). By
default, a value of 2 hours applies.
-F value
value determines the block size for file transfer. This means
that the file being transferred will be read and written in
blocks of this size.
Values between 1 KB and 16 MB are permitted. The default is 32
KB.
-N value
value determines the size of the internal ftp send/receive
buffer.
Values between 1 KB and 16 MB are permitted. The default is 32
KB.
-W value
value is used as the socket option SO_SNDBUF or SO_RCVBUF for
data transfer.
Values between 4 KB and 384 MB are permitted. The default is 24
KB.
In the case of all three options, i.e. -F, -N and -W, you can
specify value as follows:
nk or nK The value is interpreted as n kilobytes.
nm or nM The value is interpreted as n megabytes.
n (digit only) The value is interpreted as n bytes.
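An added example (not code from the Reliant UNIX ftpd) of parsing value for -F, -N and -W with the suffix rules and permitted ranges given above; the function names are assumptions. It rejects anything outside the documented range for the option instead of silently clamping.

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>

/* Parse value for -F, -N or -W: "n", "nk"/"nK" or "nm"/"nM".
 * Returns the size in bytes, or 0 if the syntax is bad or the result
 * lies outside the range documented for that option. */
unsigned long parse_size_option(char opt, const char *text)
{
    unsigned long lo, hi, n, mult = 1;
    char *end;

    switch (opt) {
    case 'F': case 'N': lo = 1UL << 10; hi = 16UL << 20;  break; /* 1 KB .. 16 MB */
    case 'W':           lo = 4UL << 10; hi = 384UL << 20; break; /* 4 KB .. 384 MB */
    default:            return 0;                                /* unknown option */
    }
    if (!isdigit((unsigned char)text[0]))
        return 0;                       /* digits first: no sign, no whitespace */
    errno = 0;
    n = strtoul(text, &end, 10);
    if (errno != 0)
        return 0;                       /* number itself overflowed */
    if (*end == 'k' || *end == 'K')      { mult = 1UL << 10; end++; }
    else if (*end == 'm' || *end == 'M') { mult = 1UL << 20; end++; }
    if (*end != '\0')
        return 0;                       /* trailing characters such as "32kb" */
    if (n > hi / mult)
        return 0;                       /* would overflow or exceed the maximum */
    n *= mult;
    return (n >= lo && n <= hi) ? n : 0;
}

/* Documented defaults: 32 KB for -F and -N, 24 KB for -W. */
unsigned long default_size_option(char opt)
{
    if (opt == 'F' || opt == 'N') return 32UL << 10;
    if (opt == 'W')               return 24UL << 10;
    return 0;
}
```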
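The check that the -b option above describes, as an added example in C that is not the ftpd source: the PORT argument is parsed and its address compared with the control connection's peer address, which this example assumes is handed in as a dotted quad; only the port may differ.

```c
#include <stdio.h>

struct port_req { unsigned char ip[4]; unsigned int port; };

/* Parse the PORT argument "h1,h2,h3,h4,p1,p2". Returns 1 if well formed
 * (exactly six decimal fields, each 0..255, nothing trailing), else 0. */
int parse_port_arg(const char *arg, struct port_req *out)
{
    unsigned int v[6];
    char trailing;
    int i;

    if (sscanf(arg, "%u,%u,%u,%u,%u,%u%c",
               &v[0], &v[1], &v[2], &v[3], &v[4], &v[5], &trailing) != 6)
        return 0;
    for (i = 0; i < 6; i++)
        if (v[i] > 255)
            return 0;
    for (i = 0; i < 4; i++)
        out->ip[i] = (unsigned char)v[i];
    out->port = v[4] * 256 + v[5];
    return 1;
}

/* Apply the -b rule: the data address must equal the control connection's
 * peer address (peer_ip, dotted quad); only the port may be chosen freely.
 * Returns 1 = accept, -1 = reject (address differs: a bounce attempt),
 * 0 = malformed argument (answer with a syntax error reply). */
int port_allowed_b(const char *arg, const char *peer_ip)
{
    struct port_req r;
    unsigned int p[4];
    int i;

    if (!parse_port_arg(arg, &r))
        return 0;
    if (sscanf(peer_ip, "%u.%u.%u.%u", &p[0], &p[1], &p[2], &p[3]) != 4)
        return 0;
    for (i = 0; i < 4; i++)
        if (r.ip[i] != p[i])
            return -1;
    return 1;
}
```

A server running without -b would accept the second case below, which is exactly what the bounce attack relies on.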
Requests
The FTP server currently supports the following FTP requests; case is
not distinguished.
ABOR abort previous command
ACCT specify account (ignored)
ALLO allocate storage (vacuously)
APPE append to a file
CDUP change to parent of current working directory
CWD change working directory
DELE delete a file
HELP give help information
LIST give list of files in a directory (ls -lg)
MKD make a directory
MODE specify data transfer mode
NLST give name list of files in directory (ls)
NOOP do nothing
PASS specify password
PASV prepare for server-to-server transfer
PORT specify data connection port
PWD print the current working directory
QUIT terminate session
RETR retrieve a file
RMD remove a directory
RNFR specify rename-from file name
RNTO specify rename-to file name
SITE run non-standard commands
STOR store a file
STOU store a file with a unique name
STRU specify data transfer structure
TYPE specify data transfer type
USER specify user name
XCUP change to parent of current working directory
XCWD change working directory
XMKD make a directory
XPWD print the current working directory
XRMD remove a directory
The following non-standard commands are supported by SITE:
UMASK Query and modify the protection bit mask. Query: SITE UMASK.
Modify, stating the new protection bit mask, e. g. SITE
UMASK 077.
IDLE Query and modify the inactivity timeout period, e.g. SITE
IDLE 60.
CHMOD Modify the access permissions of a file, e.g. SITE CHMOD 755
file.
HELP Display help information of the SITE command, e.g. SITE
HELP.
The remaining FTP requests specified in RFC 959 are recognized, but
not implemented.
The FTP server will abort an active file transfer only when the ABOR
command is preceded by a Telnet "Interrupt Process" (IP) signal and a
Telnet "Synch" signal in the command Telnet stream, as described in
RFC 959.
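The abort rule just stated, as an added example in C (not the ftpd source): one command line is read from the control connection with the Telnet commands stripped, and ABOR counts only when both Interrupt Process (IAC IP) and the Synch data mark (IAC DM) were seen in front of it. The buffer and function names are assumptions.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

#define TN_IAC 255   /* Telnet "interpret as command" */
#define TN_DM  242   /* Data Mark: the Synch signal, sent as TCP urgent data */
#define TN_IP  244   /* Interrupt Process */

/* Extract one command line from the control stream, dropping Telnet
 * commands. Returns 1 if the line is ABOR preceded by both IP and Synch
 * (the transfer is aborted), 0 if it is ABOR without them (no abort),
 * -1 for any other command. The cleaned text is copied to cmd. */
int abor_is_effective(const unsigned char *in, size_t len, char *cmd, size_t cmdsz)
{
    int seen_ip = 0, seen_dm = 0;
    size_t i, o = 0;

    for (i = 0; i < len && o + 1 < cmdsz; i++) {
        unsigned char c = in[i];
        if (c == TN_IAC) {
            if (++i >= len) break;
            c = in[i];
            if (c == TN_IP)       seen_ip = 1;
            else if (c == TN_DM)  seen_dm = 1;
            else if (c == TN_IAC) cmd[o++] = (char)TN_IAC;   /* escaped 0xff byte */
            else if (c >= 251 && c <= 254) i++;  /* WILL/WONT/DO/DONT carry an option */
            continue;                             /* other Telnet commands are dropped */
        }
        if (c == '\r' || c == '\n') break;        /* end of the command line */
        cmd[o++] = (char)c;
    }
    cmd[o] = '\0';
    if (strncasecmp(cmd, "ABOR", 4) != 0)         /* case is not distinguished */
        return -1;
    return (seen_ip && seen_dm) ? 1 : 0;
}

/* Convenience wrapper for callers that only need the verdict. */
int abor_check(const unsigned char *in, size_t len)
{
    char cmd[64];
    return abor_is_effective(in, len, cmd, sizeof cmd);
}
```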
ftpd interprets file names according to the "globbing" conventions
used by sh(1). This allows users to utilize the metacharacters: *, ?,
[, ], {, }, and ~.
ftpd authenticates users according to the following rules.
1) The user name must be in the password database, /etc/passwd, and
not have a null password. In this case a password must be provided
by the client before any file operations may be performed.
2) If the user name appears in the file /etc/ftpusers, ftp access is
denied.
3) If the file /etc/shells exists, and the user's shell (from
/etc/passwd) is not listed in this file, access is denied. If
/etc/shells does not exist, access is denied, unless the user's
shell is one of the following:
/bin/sh
/bin/ksh
/bin/csh
/usr/bin/sh
/usr/bin/ksh
/usr/bin/csh
4) If the user name is "anonymous" or "ftp", an anonymous FTP account
must be present in the password file (user "ftp"). In this case the
user is allowed to log in by specifying any password (by convention
this is given as the client host's name).
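The four login rules above applied to constructed in-memory copies of /etc/passwd, /etc/ftpusers and /etc/shells, as an added example in C that is not the ftpd source. One assumption is made explicit: the /etc/ftpusers check is also applied to the "ftp" account, so that listing "ftp" there disables anonymous access.

```c
#include <stddef.h>
#include <string.h>

struct pwent { const char *name, *pw, *shell; };

/* Constructed sample of /etc/passwd: name, password field, login shell. */
static const struct pwent passwd_db[] = {
    { "root",  "Rt7x.9", "/bin/sh" },
    { "alice", "x9Kq.2", "/bin/ksh" },
    { "bob",   "",       "/bin/sh" },              /* null password */
    { "carol", "Zp8r.1", "/usr/local/bin/zsh" },   /* shell not in the built-in list */
    { "ftp",   "*",      "/bin/sh" },              /* anonymous account */
    { NULL, NULL, NULL }
};
static const char *ftpusers[] = { "root", "uucp", NULL };        /* constructed /etc/ftpusers */
const char *sample_etc_shells[] = { "/bin/ksh", "/usr/local/bin/zsh", NULL };
static const char *builtin_shells[] = { "/bin/sh", "/bin/ksh", "/bin/csh",
    "/usr/bin/sh", "/usr/bin/ksh", "/usr/bin/csh", NULL };

static int in_list(const char **list, const char *s)
{
    for (; list && *list; list++)
        if (strcmp(*list, s) == 0) return 1;
    return 0;
}

enum { FTP_DENY = 0, FTP_NEED_PASSWORD = 1, FTP_ANON_OK = 2 };

/* etc_shells is the content of /etc/shells, or NULL when that file is absent. */
int ftp_login_decision(const char *user, const char **etc_shells)
{
    int anon = strcmp(user, "anonymous") == 0 || strcmp(user, "ftp") == 0;
    const char *acct = anon ? "ftp" : user;
    const struct pwent *p;

    for (p = passwd_db; p->name; p++)
        if (strcmp(p->name, acct) == 0) break;
    if (!p->name) return FTP_DENY;                 /* rules 1 and 4: not in passwd */
    if (in_list(ftpusers, acct)) return FTP_DENY;  /* rule 2 (assumed to cover "ftp" too) */
    if (anon) return FTP_ANON_OK;                  /* rule 4: any password is accepted */
    if (p->pw[0] == '\0') return FTP_DENY;         /* rule 1: null password */
    if (!in_list(etc_shells ? etc_shells : builtin_shells, p->shell))
        return FTP_DENY;                           /* rule 3 */
    return FTP_NEED_PASSWORD;                      /* rule 1: PASS is required next */
}
```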
In the last case (rule 4), ftpd takes special measures to restrict the
client's access privileges. The server performs a chroot(1M) to the
home directory of the "ftp" user. So that system security is not
breached, the "ftp" subtree should be constructed with care; the
following rules are recommended.
$HOME
ftp must be the owner of the home directory and nobody else
should be permitted to write to it.
$HOME/bin
This directory should be owned by the superuser and nobody else
should be permitted to write to it. The program ls(1) must be
present to support the list commands. This program should have
mode 111.
$HOME/etc
This directory should be owned by the superuser and nobody else
should be permitted to write to it. Copies of the files
passwd(4), group(4), and netconfig(4) must be present for the ls
command to work properly. These files should be mode 444.
$HOME/pub
This directory should be changed to mode 777 and owned by ftp.
Users should then place files which are to be accessible via the
anonymous account in this directory.
$HOME/dev
This directory should be owned by the superuser and nobody else
should be permitted to write to it. Change to this directory and
enter the following:
# home directory of the ftp account, taken from /etc/passwd
FTP="`grep '^ftp:' /etc/passwd | cut -d: -f6`"
# major and minor device numbers of /dev/tcp (the "major, minor"
# fields of ls -l, with the comma removed)
MAJORMINOR="`ls -l /dev/tcp | awk '{ gsub(/,/, \" \"); \
print $5, $6}'`"
# create the tcp device node inside the ftp subtree, accessible to all
mknod $FTP/dev/tcp c $MAJORMINOR
chmod 666 $FTP/dev/tcp
$HOME/usr/lib
The superuser (root) should be the owner of this directory and
nobody else should be permitted to write to it. The library
lib.so.1 (from /usr/lib) must exist to support the commands for
printing lists. The access permissions of this library must be set
to 555 (r-xr-xr-x).
$HOME/dev/zero
The superuser (root) should be the owner of this device file and
nobody else should be permitted to write to it. The device zero
must exist to support the commands for printing lists. The access
permissions of this device must be set to 666 (rw-rw-rw-). The
command ls -l /dev/zero can be used to establish its device
driver numbers.
NOTES
The anonymous account is inherently dangerous and should be avoided if
possible.
The server must run as the superuser to create sockets with privileged
port numbers. It maintains an effective user id of the logged-in user,
reverting to the superuser only when binding addresses to sockets. Any
gaps in security have been examined extensively, but all may not yet
be eliminated.
/etc/ftpusers contains a list of users who cannot access the system;
the format of the file is one username per line.
SEE ALSO
ftp(1), inetd(1M), getsockopt(3N), group(4), netconfig(4), passwd(4),
services(4).
Postel, Jon and Joyce Reynolds, File Transfer Protocol (FTP), RFC 959,
Network Information Center, SRI International, Menlo Park, Calif.,
October 1985.