RELEASE NOTES WASHINGTON UNIVERSITY FTP SERVER, RELEASE 2 - Apr 15, 1993 -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*- * REALLY IMPORTANT NOTE * -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*- Do *NOT* use this FTP server under AIX on IBM systems. There is a problem with the handling of UIDs and GIDs after a set[ug]id() call that opens up a fatal security hole when using any non-AIX FTP server. -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*- SEMI-IMPORTANT RELEASE NOTES This is an INTERIM release of my modified FTP server. Because work on the server has been stalled for a long time, and because lots of people seem to want to do the things this server DOES do, I'm releasing this version. To the best of my knowledge, it works and has no major bugs. The features are all incremental, and with one exception, are completely compatible with existing FTP clients. The exception is the multi-line messages the server will use to respond to many commands when some features are enabled, for example: OLD STYLE FTP ftp> cd /pub 220 CWD command successful. THIS FTP ftp> cd /pub 220-Please read the file README 220- it was last modified on Thu Feb 21 10:35:09 1991 - 214 days ago 220 CWD command successful. Some of the older FTP clients, which do not conform to the FTP specifications, barf on these multi-line messages. Multi-line messages can be disabled on a per-connection basis by using a dash (-) as the first character of the user's password. REALLY IMPORTANT RELEASE NOTES The next release of the FTP server is going to include some significant changes. The most important one is that the logging format for file transfers is going to be completely different, and quite incompatible. There will probably *NOT* be any program provided to convert your old logfiles to the new format. ADDITIONS AND BUG-FIXES IN RELEASE 2 1. ftpcount no longer displays multiple listings for classes that have multiple "class ..." lines. 2. Added following abilites configurable in the ftpaccess file. see ftpaccess(5). chmod delete overwrite umask upload passwd_check {} alias path_filter { ...} 3. The conversion table has been moved to a separate file. The fields are: %s:%s:%s:%s:%s:%s:%s:%s Field Description 1 strip prefix 2 strip postfix 3 addon prefix 4 addon postfix 5 external command 6 types 7 options 8 description 4. ftpshut program generates shutdown file for ftp server. Works similarly to shutdown(8). See ftpshut(8). 5. guestgroup access no longer needs an entry in the secondary passwd file (~ftp/etc/passwd). The home directory is now specified as "root/./home" For example: ftptest::100:200:Guest User:/var/ftp/./incoming:/etc/noshell When ftptest logs in, it will chroot to /var/ftp and then chdir to /incoming (which is actually /var/ftp/incoming before the chroot). Since the directory in /etc/passwd actually points to the guest's home directory, they can use .forward files, etc. --- Planned additions for the next release include: o ftppass: a program to make easy the modification (new groups, change passwords, remove groups) of the ftp private access file. --- There is a known bug in SunOS 4.x where syslog() fails after a chroot(). This is BUG ID #1047632. If you are affected by this, CALL SUN AND ADD YOUR NAME TO THE LIST -- they aren't planning on making a patch for SunOS 4.x [it is fixed in SunOS 5.0 -- whenever THAT comes out]. With the SunOS bug, tell them that they must FIX THE PROBLEM, not hack syslog to listen to ~ftp/dev/log as well as /dev/log -- syslogging will then happily fail whenever you use the guestgroup command. As far as I can tell, sendto() is broken for UNIX domain sockets (after chroot()) and is what they need to fix. Chris Myers Internet: chris@wugate.wustl.edu Software Engineer UUCP: ...!uunet!wuarchive!chris Office of the Network Coordinator BITNET: chris@wunet.bitnet Washington University in Saint Louis Phone: +1 314 935 7390 Bryan O'Connor Internet: bryan@fegmania.wustl.edu Software Engineer, wuarchive development UUCP: ...!uunet!wuarchive!bryan Office of the Network Coordinator BITNET: bryan@wunet.bitnet Washington University in Saint Louis Phone: +1 314 935 7048