ftpd(1M) —
NAME
ftpd − DARPA Internet File Transfer Protocol server
SYNOPSIS
/etc/ftpd [ −d ] [ −l ] [ −ttimeout ] [ −Tmaxtimeout ]
DESCRIPTION
ftpd is the DARPA Internet File Transfer Protocol server process. The server uses the TCP protocol and listens at the port specified in the FTP service specification; see services(5).
If the −d option is specified, debugging information is written to the syslog.
If the −l option is specified, each ftp session is logged in the syslog.
The FTP server will timeout an inactive session after 15 minutes. If the −t option is specified, the inactivity timeout period will be set to timeout seconds. A client may also request a different timeout period; the maximum period allowed may be set to timeout seconds with the −T option. The default limit is 2 hours.
The FTP server currently supports the following ftp requests; case is not distinguished:
| Request | Description |
| ABOR | Abort previous command |
| ACCT | Specify account (ignored) |
| ALLO | Allocate storage (vacuously) |
| APPE | Append to a file |
| CDUP | Change to parent of current working directory |
| CWD | Change working directory |
| DELE | Delete a file |
| HELP | Give help information |
| LIST | Give list files in a directory (ls −l) |
| MKD | Make a directory |
| MDTM | Show last modification time of file |
| MODE | Specify data transfer mode |
| NLST | Give name list of files in directory |
| NOOP | Do nothing |
| PASS | Specify password |
| PASV | Prepare for server-to-server transfer |
| PORT | Specify data connection port |
| PWD | Print the current working directory |
| QUIT | Terminate session |
| REST | Restart incomplete transfer |
| RETR | Retrieve a file |
| RMD | Remove a directory |
| RNFR | Specify rename-from file name |
| RNTO | Specify rename-to file name |
| SITE | Non-standard commands (see next section) |
| SIZE | Return size of file |
| STAT | Return status of server |
| STOR | Store a file |
| STOU | Store a file with a unique name |
| STRU | Specify data transfer structure |
| SYST | Show operating system type of server system |
| TYPE | Specify data transfer type |
| USER | Specify user name |
| XCUP | Change to parent of current working directory (deprecated) |
| XCWD | Change working directory (deprecated) |
| XMKD | Make a directory (deprecated) |
| XPWD | Print the current working directory (deprecated) |
| XRMD | Remove a directory (deprecated) |
The following non-standard or UNIX System-specific commands are supported by the SITE request:
| Request | Description |
| UMASK | Change umask, e.g., SITE UMASK 002 |
| IDLE | Xet idle-timer, e.g., SITE IDLE 60 |
| CHMOD | Change mode of a file, e.g., SITE CHMOD 755 file name |
| HELP | Give help information, e.g., SITE HELP |
The remaining ftp requests specified in Internet RFC959 are recognized but not implemented. MDTM and SIZE are not specified in RFC959, but will appear in the next updated FTP RFC.
The FTP server will abort an active file transfer only when the ABOR command is preceded by a Telnet “Interrupt Process” (IP) signal and a Telnet “Synch” signal in the command Telnet stream, as described in Internet RFC959. If a STAT command preceded by Telnet IP and Synch signals is received during a data transfer, transfer status will be returned.
The ftpd program interprets file names according to the “globbing” conventions used by csh(1). This allows users to utilize the metacharacters *, ?, [, ], {, }, ~.
ftpd authenticates users according to four rules:
1)The user name must be in the password database, /etc/passwd, and it must not have a null password. In this case, a password must be provided by the client before any file operations may be performed.
2)The user name must not appear in the file /etc/ftpusers.
3)The user must have a standard shell returned by getusershell(3).
4)If the user name is “anonymous” or “ftp,” an anonymous ftp account must be present in the password file (user “ftp”). In this case the user is allowed to log in by specifying any password (by convention this is given as the client host’s name).
In the last case, ftpd takes special measures to restrict the client’s access privileges. The server performs a chroot(2) command to the home directory of the “ftp” user. In order that system security is not breached, it is recommended that the “ftp” subtree be constructed with care; the following rules are recommended:
~ftp The home directory should be owned by ftp, and it should be unwritable by anyone.
~ftp/bin
This directory should be owned by root (the superuser), and it should be unwritable by anyone. The program ls(1) must be present to support the list command. This program should have mode 111.
~ftp/etc
The owner of this directory should be root, and the directory should be unwritable by anyone. The files passwd(4) and group(4) must be present for the ls command to be able to produce owner names rather than numbers. The password field in passwd is not used and should not contain real encrypted passwords. These files should be mode 444.
~ftp/pub
This directory should be owned by ftp. The directory mode should be 777 . Users should then place files which are to be accessible via the anonymous account in this directory.
~ftp/dev
This directory should be owned by root and it should be unwritable by anyone. The device tcp must be present and have the same major/minor numbers as in /dev/tcp.
~ftp/shlib
This directory is necessary if the ls(1) command in ~ftp/bin uses shared libraries. This would be the case if the ls command was taken from /bin/ls. In this case, a copy of /shlib/libc_s needs to be placed in this directory in order for the list commands to work properly.
SEE ALSO
ftp(1C), syslogd(1M), getusershell(3I), services(5).
BUGS
The anonymous account is inherently dangerous and should be avoided when possible.
The server must run as user root to create sockets with privileged port numbers. It maintains an effective user ID of the logged in user, reverting to root only when binding addresses to sockets. The possible security holes have been extensively scrutinized, but the results are possibly incomplete.
\*U — Version 1.0