Date: Thu, 3 Feb 2000 12:49:24 -0600
From: Lucas Bergman
To: Marc Wandschneider
Cc: freebsd-questions@freebsd.org
Subject: Re: Securing ftpd
Message-ID: <20000203124924.A99674@comp04.prc.uic.edu>
Reply-To: iceberg@pobox.com

> 1. what does the directory entry drwxrwxrwt ..... mean?  my incoming
>    directory is listed as this, but i don't recall seeing the 't' before.

t = sticky bit.  From chmod(1):

    1000    (the sticky bit) When set on a directory, unprivileged
            users can delete and rename only those files in the
            directory that are owned by them, regardless of the
            permissions on the directory.  Under FreeBSD, the sticky
            bit is ignored for executable files and may only be set
            for directories (see sticky(8)).

Note that having ~ftp/incoming set to mode 1777 is begging to have
your site used for a warez dump, since files which are uploaded are
immediately world-readable.  There's some info on setting up upload
directories at

    http://www.cert.org/ftp/tech_tips/anonymous_ftp_config

though it's not necessarily perfect.  Note that big, fancy FTP servers
like wu-ftpd have clever ways through config files of controlling
upload directories, but I can't (nor can anyone else, AFAIK) vouch for
their security.

> 2. to prevent uploads, do i merely have to remove the incoming
>    directory?

Yes, and remove any other world-writable areas under ~ftp, of course.

HTH,
Lucas

-- 
S. Lucas Bergman
Northwestern University Mathematics Department
PGP Public Key (0xC0C73619): http://pobox.com/~iceberg/pgpkey.html
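
The check implied by both answers above, finding every world-writable area under the FTP tree, written out as an added example that is not part of the original message. The function name and the finding labels are made up for illustration; the tree to scan is whatever directory you pass in. A directory with the mode 1777 discussed in the message is reported as DIR-WW-LISTABLE.

```shell
#!/bin/sh
# Added example: audit an anonymous-FTP tree for world-writable areas.
# The tree to scan is passed as an argument (e.g. the ftp user's home);
# the finding labels below are invented for this example.

audit_ftp_root() {
    root=${1:?usage: audit_ftp_root <ftp-root>}

    # World-writable AND world-readable directories (0777, 1777, ...):
    # anyone can upload and anyone can list what was uploaded.
    find "$root" -type d -perm -0002 -perm -0004 -print |
        sed 's/^/DIR-WW-LISTABLE /'

    # World-writable directories without the sticky bit (01000):
    # any user may delete or rename files owned by someone else.
    find "$root" -type d -perm -0002 ! -perm -1000 -print |
        sed 's/^/DIR-WW-NOSTICKY /'

    # World-writable regular files: anyone can replace their content.
    find "$root" -type f -perm -0002 -print |
        sed 's/^/FILE-WW /'
}

# Run the audit only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_ftp_root "$1"
fi
```

An empty report means nothing under the tree is writable by "other"; each reported path is a candidate for removal or for tighter permissions.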