FTP and tcsh don't mix
Neil Rickert
rickert at mp.cs.niu.edu
Sat Nov 10 02:21:29 AEST 1990
In article <1408 at tharr.UUCP> sweh at tharr.UUCP (Stephen Harris) writes:
>In article <4416 at aix.aix.kingston.ibm.com> vendiswc at aix.aix.kingston.ibm.com (Shaun Codner) writes:
>>In article <ramsey.657905203 at sundance> ramsey at sundance.llnl.gov (Susanne Ramsey) writes:
>[Problems with FTP and tcsh on a Sun]
>>Yes, this is probably because you do not have the path for tcsh ( usually
>>/usr/local/bin/tcsh) in the /etc/shells file. FTP checks this file
>
>What is this file /etc/shells ? I am on a MicroVAX running Ultrix 3.1, and
>there is no such file.
>Is this SunOS specific, or am I missing an important file?
>I can FTP OK to and from this machine without the file, even though I am
>using /usr/new/csh as my shell.
>
Newer version of 'ftpd' check this file to see if a user's shell is in
the file. If the file does not exist, they allow only /bin/sh and /bin/csh
as valid shells.
This is a security measure. Many systems have an account for 'sync' with
no password, and with /etc/sync as the shell. With no security restrictions
at all this would allow anybody to ftp into the system and see all files.
The older mechanism was to exclude specific users with the file
/etc/ftpusers where you would list login's such as 'sync' for which ftp
should not be permitted. Recent versions of 'ftpd' also check the users
shell in /etc/shells, and prohibit ftp to an account without a password.
This is a more robust approach than simple reliance on remembering to update
the /etc/ftpusers file.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science <rickert at cs.niu.edu>
Northern Illinois Univ.
DeKalb, IL 60115. +1-815-753-6940
More information about the Comp.unix.admin
mailing list