From owner-freebsd-security  Mon Feb 19 16:21:40 2001
Delivered-To: freebsd-security@freebsd.org
Received: from hotmail.com (f227.law9.hotmail.com [64.4.9.227])
	by hub.freebsd.org (Postfix) with ESMTP id 22B9837B491
	for <security@FreeBSD.ORG>; Mon, 19 Feb 2001 16:21:36 -0800 (PST)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
	 Mon, 19 Feb 2001 16:21:35 -0800
Received: from 12.20.190.1 by lw9fd.law9.hotmail.msn.com with HTTP;	Tue, 20 Feb 2001 00:21:35 GMT
X-Originating-IP: [12.20.190.1]
From: "gerald stoller" <gerald_stoller@hotmail.com>
To: phk@critter.freebsd.dk, des@ofug.org
Cc: security@FreeBSD.ORG
Subject: Re: ftpd's read-only mode
Date: Mon, 19 Feb 2001 19:21:35 -0500
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F227WvTkliOoH3mtg3y00010c2f@hotmail.com>
X-OriginalArrivalTime: 20 Feb 2001 00:21:35.0964 (UTC) FILETIME=[15B9A9C0:01C09AD3]
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org




>From: Poul-Henning Kamp <phk@critter.freebsd.dk>
>To: Dag-Erling Smorgrav <des@ofug.org>
>CC: security@FreeBSD.ORG
>Subject: Re: ftpd's read-only mode
>Date: Mon, 19 Feb 2001 22:26:35 +0100
>
>In message <xzp7l2ml8pa.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes:
> >A while ago, Poul-Henning implemented a read-only option in ftpd that
> >makes the server refuse any command that would write, remove or modify
> >a file or directory. Currently, the server will send a 202 reply with
> >the reason "Command ignored. Server is in readonly mode.", but I think
> >that a "550 Permission denied" would be much more appropriate. Does
> >anybody object to this change?
>
>No, go ahead if you think that is better.
>

    SNIP

    ftp  (the ones I've seen so far) never writes to  STDERR  and always 
returns a  0  exit-value.  The only way I have found to determine if there 
is an error in the  ftp  is to put it in verbose mode and  grep  STDOUT  for 
lines beginning with a three digit # whose value lies between  400  &  599  
(because that three digit # range is reserved for IDs of error-messages) and 
delete from this the lines that have the word 'bytes' after a three digit # 
in this range.  This suggested change is right-on because it complies with 
the  RFP  (I forget its #) for  ftp .
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message