Anonymous FTP problem
Guy Harris
guy at auspex.auspex.com
Wed Oct 31 12:42:16 AEST 1990
>the other alternative is to duplicate the
>necessary files (i think you'll need at least the shared
>libraries in addition to /dev/zero).
You need all the files that the FTPD(8C) man page says you need:
In the last case, ftpd takes special measures to restrict
the client's access privileges. The server performs a
chroot(2) command to the home directory of the ftp user. In
order that system security is not breached, it is recom-
mended that the ftp subtree be constructed with care; the
following rules are recommended.
ftp Make the home directory owned by ftp and unwritable
by anyone.
~ftp/bin
Make this directory owned by the super-user and
unwritable by anyone. The program ls(1V) must be
present to support the list commands. This program
should have mode 111. Since the default /bin/ls
command is linked with a shared library, so you need
to set up the files for dynamic linking as well.
~ftp/usr/lib/ld.so
the runtime loader must be present and executable.
~ftp/dev/zero
used by the runtime loader, create this with the
command mknod zero c 3 12.
~ftp/usr/lib/libc.so.*
should be a copy of the latest version of the shared
C library.
~ftp/etc
Make this directory owned by the super-user and
unwritable by anyone. The files passwd(5) and
group(5) must be present for the ls command to work
properly. These files should be mode 444.
~ftp/pub
Make this directory mode 777 and owned by ftp.
Users should then place files which are to be acces-
sible via the anonymous account in this directory.
More information about the Comp.unix.questions
mailing list