HP-UX Reference (11i v3 07/02) - 1M System Administration Commands A-M (vol 3)
f
ftpd(1M) ftpd(1M)
When we give the following SITE EXEC command:

    ftp> site exec hi.sh

The output will be as follows:

    200-hi.sh
    200-hello
    200 (end of 'hi.sh')
Note: The security of the system will depend entirely on what binaries or shell programs the administrator has placed in the directory /etc/ftpd/ftp-exec. Making this functionality available to real users who have shell access does not have any major security ramifications, but for anonymous and guest users who do not have shell access, it does.
The remaining FTP requests specified in Internet RFC 959 are recognized, but not implemented. MDTM and SIZE are not specified in RFC 959, but are expected in the next updated FTP RFC.
The FTP server aborts an active file transfer only when the ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet "Synch" signal in the command Telnet stream, as described in Internet RFC 959. If ftpd receives a STAT command during a data transfer, preceded by a Telnet IP and Synch, it returns the status of the transfer.
ftpd interprets file names according to the "globbing" conventions used by csh. This allows users to utilize the metacharacters *, ., [, ], {, }, ~, and ?.
ftpd authenticates users according to three rules:

  • The user name must be in the password data base, /etc/passwd, and not have a null password. The client must provide the correct password for the user before any file operations can be performed.
  • The user name must not appear in the file /etc/ftpd/ftpusers (see ftpusers(4)).
  • The user must have a standard shell returned by getusershell().
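The three rules above can be turned into an audit of which accounts ftpd would accept. The script below is an added example, not part of the HP-UX manual: it reads a passwd file, an ftpusers file and a list of standard shells (a constructed stand-in for what getusershell() returns; on HP-UX that list normally comes from /etc/shells) and prints the user names that pass all three checks. All three file paths are arguments, and the sample data the script creates for its stand-alone run is constructed.

```shell
#!/bin/sh
# Added example, not from the ftpd(1M) manual page. Lists the accounts that
# would pass ftpd's three authentication rules: non-null password field, not
# listed in ftpusers, and a login shell that getusershell() would return.
# Assumption: $3 is a file listing standard shells one per line (stand-in for
# getusershell(), normally /etc/shells); lines starting with '#' are ignored.

# ftp_allowed_users PASSWD FTPUSERS SHELLS -> prints one accepted user per line
ftp_allowed_users() {
    awk -F: -v ftpusers="$2" -v shells="$3" '
        BEGIN {
            # rule 2 data: names denied by the ftpusers file
            while ((getline line < ftpusers) > 0)
                if (line != "") denied[line] = 1
            # rule 3 data: shells getusershell() would return
            while ((getline line < shells) > 0)
                if (line != "" && line !~ /^#/) ok_shell[line] = 1
        }
        $2 == ""            { next }   # rule 1: null password field
        ($1 in denied)      { next }   # rule 2: listed in ftpusers
        !($7 in ok_shell)   { next }   # rule 3: non-standard shell (e.g. /usr/bin/false)
                            { print $1 }
    ' "$1"
}

# Constructed sample data so the script runs stand-alone; on a real system the
# inputs would be /etc/passwd, /etc/ftpd/ftpusers and /etc/shells.
make_sample_files() {
    dir=$1
    cat > "$dir/passwd" <<'EOF'
root:x:0:3::/:/sbin/sh
ftp:*:500:10:anonymous ftp:/home/ftp:/usr/bin/false
alice:x:1001:20::/home/alice:/usr/bin/sh
bob::1002:20::/home/bob:/usr/bin/sh
carol:x:1003:20::/home/carol:/usr/bin/ksh
uucp:x:5:3::/var/spool/uucppublic:/usr/lbin/uucp/uucico
EOF
    printf '%s\n' root uucp > "$dir/ftpusers"
    printf '%s\n' '# standard shells' /sbin/sh /usr/bin/sh /usr/bin/ksh > "$dir/shells"
}

# Stand-alone run over the constructed data. Expected output: alice and carol
# (root and uucp are in ftpusers, bob has a null password, and ftp's shell
# /usr/bin/false is not a standard shell, so anonymous access is handled by
# ftpd's separate anonymous path rather than by these rules).
sample=$(mktemp -d)
make_sample_files "$sample"
ftp_allowed_users "$sample/passwd" "$sample/ftpusers" "$sample/shells"
rm -rf "$sample"
```

Note that the ftp account passes rule 1 (the password field `*` is non-null) and is rejected only by rule 3; this is why the manual requires /usr/bin/false as its shell, so the account cannot be used as a normal login.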
Optionally, a system administrator can permit public access or "anonymous FTP." If this has been set up, users can access the anonymous FTP account with the user name anonymous or ftp and any non-null password (by convention, the client host's name). ftpd does a chroot() to the home directory of user ftp, thus limiting anonymous FTP users' access to the system. If the user name is anonymous or ftp, an anonymous FTP account must be present in the password file (user ftp). In this case the user is allowed to log in by specifying any password (by convention this is given as the user's e-mail address).
In order to permit anonymous FTP, there must be an entry in the passwd database for an account named ftp. The password field should be *, the group membership should be guest, and the login shell should be /usr/bin/false. For example (assuming the guest group ID is 10):

    ftp:*:500:10:anonymous ftp:/home/ftp:/usr/bin/false
The anonymous FTP directory should be set up as follows:

~ftp        The home directory of the FTP account should be owned by user root and mode 555 (not writable). Since ftpd does a chroot() to this directory, it must have the following subdirectories and files:
            ~ftp/usr/bin
                This directory must be owned by root and mode 555 (not writable). The file /sbin/ls should be copied to ~ftp/usr/bin. This is needed to support directory listing by ftpd. The command should be mode 111 (executable only). If the FTP account is on the same file system as /sbin, ~ftp/usr/bin/ls can be a hard link, but it may not be a symbolic link, because of the chroot(). The command must be replaced when the system is updated.

                Note: The file /usr/bin/ls can also be copied to the directory ~ftp/usr/bin in place of /sbin/ls. However, if this is done, a set of relevant libraries must also be copied under the directory ~ftp/usr/lib. See the HP-UX Remote Access Services Administrator's Guide for details of required libraries. The directory ~ftp/usr/lib must be owned by root and mode 555 (not writable). All the libraries copied under this directory must be mode 555 (not writable).
            ~ftp/etc
                This directory must be owned by root and mode 555 (not writable). It should contain versions of the files passwd and group. See passwd(4) and group(4). These files must
262 Hewlett-Packard Company − 4 − HP-UX 11i Version 3: February 2007
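The layout rules for the anonymous FTP tree (owner root and mode 555 on ~ftp, ~ftp/usr/bin, ~ftp/etc and, when present, ~ftp/usr/lib; ls mode 111 and never a symbolic link, since the chroot() makes a link target outside the tree unreachable) can be checked with a short audit script. This is an added example, not from the manual: check_ftp_tree takes the ~ftp path and an expected owner (assumed to default to root), reports each deviation, and returns non-zero if any is found. It uses only POSIX find(1) primaries (-prune, -perm, -user) so it runs under a stock sh without GNU stat.

```shell
#!/bin/sh
# Added example, not from the ftpd(1M) manual page: audit an anonymous-FTP
# chroot tree against the ownership/mode rules the manual lists.
# Assumptions: $1 is the ~ftp directory, $2 the expected owner (default root).

# has_mode PATH OCTAL -> true when PATH's permission bits are exactly OCTAL
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# owned_by PATH USER -> true when PATH is owned by USER
owned_by() {
    [ -n "$(find "$1" -prune -user "$2" 2>/dev/null)" ]
}

# Report one finding and count it.
fail() {
    echo "FAIL: $*"
    failures=$((failures + 1))
}

# check_dir PATH OWNER -> directory must exist, be owned by OWNER, mode 555
check_dir() {
    [ -d "$1" ] || { fail "$1: missing directory"; return; }
    owned_by "$1" "$2" || fail "$1: not owned by $2"
    has_mode "$1" 555 || fail "$1: mode is not 555"
}

# check_ftp_tree FTPHOME [OWNER] -> 0 when the tree matches the layout, 1 otherwise
check_ftp_tree() {
    home=$1
    owner=${2:-root}
    failures=0

    check_dir "$home" "$owner"
    check_dir "$home/usr/bin" "$owner"
    check_dir "$home/etc" "$owner"

    # ls inside the chroot: a regular file or hard link (a symlink would point
    # outside the chroot and dangle), executable only (mode 111).
    ls_bin="$home/usr/bin/ls"
    if [ -L "$ls_bin" ]; then
        fail "$ls_bin: symbolic link (unreachable after chroot)"
    elif [ ! -f "$ls_bin" ]; then
        fail "$ls_bin: missing"
    else
        has_mode "$ls_bin" 111 || fail "$ls_bin: mode is not 111"
    fi

    # ~ftp/usr/lib exists only when /usr/bin/ls was copied instead of /sbin/ls;
    # then the directory and every library under it must be mode 555.
    if [ -d "$home/usr/lib" ]; then
        check_dir "$home/usr/lib" "$owner"
        for lib in "$home/usr/lib"/*; do
            [ -e "$lib" ] || continue
            has_mode "$lib" 555 || fail "$lib: mode is not 555"
        done
    fi

    [ "$failures" -eq 0 ]
}

# Stand-alone usage: sh audit-ftp-tree.sh /home/ftp [owner]
if [ "$#" -gt 0 ]; then
    check_ftp_tree "$1" "$2" && echo "OK: $1 matches the ftpd(1M) layout"
fi
```

Run it after each system update as well, since the manual notes that the copied ls must be replaced then; a mode check alone will not notice a stale copy, so compare the file against /sbin/ls (for example with cmp(1)) in the same maintenance step.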