All rights reserved. The Berkeley software License Agreement
specifies the terms and conditions for redistribution.
@(#)ftpd.8 6.1 (Berkeley) 04/27/85
If the -d option is specified, each socket created will have debugging turned on (SO_DEBUG). With debugging enabled, the system will trace all TCP packets sent and received on a socket. The program trpt (8C) may then be used to interpret the packet traces.
If the -l option is specified, each ftp session is logged on the standard output. This allows a line of the form `/etc/ftpd -l > /tmp/ftplog'' to be used to conveniently maintain a log of ftp sessions.
The ftp server will timeout an inactive session after 60 seconds. If the -t option is specified, the inactivity timeout period will be set to timeout .
The ftp server currently supports the following ftp requests; case is not distinguished.
Request Description ACCT specify account (ignored) ALLO allocate storage (vacuously) APPE append to a file CWD change working directory DELE delete a file HELP give help information LIST give list files in a directory (``ls -lg'') MODE specify data transfer mode NLST give name list of files in directory (``ls'') NOOP do nothing PASS specify password PORT specify data connection port QUIT terminate session RETR retrieve a file RNFR specify rename-from file name RNTO specify rename-to file name STOR store a file STRU specify data transfer structure TYPE specify data transfer type USER specify user name XCUP change to parent of current working directory XCWD change working directory XMKD make a directory XPWD print the current working directory XRMD remove a directory
The remaining ftp requests specified in Internet RFC 765 are recognized, but not implemented.
Ftpd interprets file names according to the ``globbing'' conventions used by csh (1). This allows users to utilize the metacharacters ``*?[]{}~''.
Ftpd authenticates users according to three rules.
In the last case, ftpd takes special measures to restrict the client's access privileges. The server performs a chroot (2) command to the home directory of the ``ftp'' user. In order that system security is not breached, it is recommended that the ``ftp'' subtree be constructed with care; the following rules are recommended.
The anonymous account is inherently dangerous and should avoided when possible.
The server must run as the super-user to create sockets with privileged port numbers. It maintains an effective user id of the logged in user, reverting to the super-user only when binding addresses to sockets. The possible security holes have been extensively scrutinized, but are possibly incomplete.