rees@pisa.ifs.umich.edu (Jim Rees) (01/02/91)
Archive-name: ftp/server/apollo-ftpd/1990-12-31 Archive: dabo.ifs.umich.edu:/ftpd.tar.Z [141.211.168.73] Original-posting-by: rees@pisa.ifs.umich.edu (Jim Rees) Original-subject: Re: Anonymous ftp on Apollo - How ?? Reposted-by: emv@ox.com (Edward Vielmetti) In article <4edaff33e.0017b5e@caen.engin.umich.edu>, paul@CAEN.ENGIN.UMICH.EDU (Paul Killey) writes: here is my guess as to the current implementation of chroot() under domain/os. chroot(path) char *path; { errno = EPERM; return -1; } That's exactly right. i imagine having an anonymous ftp that lets people rummage around for any world-readable file on your system, like /etc/passwd or whatever, does not seem like a good idea. so you should be aware of this and see what any ftp does that does support anonymous ftp on apollo does in this regard. I imagine one workaround would be munging ftpd so that you check all commands that take a pathname as an arg and see if it would take you out of your "root" directory. or prepend the "root" directory's name to each pathname given, or something like that. There is a version of ftpd that does this and seems to be secure. I haven't had any breakins yet, although I've seen several attempts. I've added the following to the Apollo FAQ file (available from dabo.ifs.umich.edu). Question: Why doesn't Apollo ftpd support anonymous ftp? Answer: Anonymous ftp depends on the chroot() call, which doesn't work on Apollo. There is a patched version of ftpd that supports anonymous ftp by fixing all path names before passing them off to the system. It's available (by anonymous ftp!) from various places, including ocf.berkeley.edu, dabo.ifs.umich.edu, and ftp.eb.ele.tue.nl.