From owner-freebsd-questions  Wed Oct 15 00:12:05 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id AAA24463
          for questions-outgoing; Wed, 15 Oct 1997 00:12:05 -0700 (PDT)
          (envelope-from owner-freebsd-questions)
Received: from freebie.lemis.com (gregl1.lnk.telstra.net [139.130.136.133])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id AAA24423
          for <questions@FreeBSD.ORG>; Wed, 15 Oct 1997 00:11:56 -0700 (PDT)
          (envelope-from grog@freebie.lemis.com)
Received: (from grog@localhost)
	by freebie.lemis.com (8.8.7/8.8.5) id QAA09920;
	Wed, 15 Oct 1997 16:41:40 +0930 (CST)
Message-ID: <19971015164140.48074@lemis.com>
Date: Wed, 15 Oct 1997 16:41:40 +0930
From: Greg Lehey <grog@lemis.com>
To: Robert Watson <robert+freebsd@cyrus.watson.org>
Cc: questions@FreeBSD.ORG
Subject: Re: secure anonymous FTP
References: <19971015144413.61249@lemis.com> <Pine.BSF.3.96.971015030651.2452A-100000@cyrus.watson.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.84e
In-Reply-To: <Pine.BSF.3.96.971015030651.2452A-100000@cyrus.watson.org>; from Robert Watson on Wed, Oct 15, 1997 at 03:10:12AM -0400
Organisation: LEMIS, PO Box 460, Echunga SA 5153, Australia
Phone: +61-8-8388-8250
Fax: +61-8-8388-8250
Mobile: +61-41-739-7062
WWW-Home-Page: http://www.lemis.com/~grog
Fight-Spam-Now: http://www.cauce.org
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, Oct 15, 1997 at 03:10:12AM -0400, Robert Watson wrote:
> On Wed, 15 Oct 1997, Greg Lehey wrote:
>
>> On Tue, Oct 14, 1997 at 11:51:19PM -0400, Robert Watson wrote:
>>>
>>> I wish to set up an anonymous ftp server that only serves anonymous users
>>> -- i.e., it does not need to authenticate users using passwords ever, and
>>> would live entirely chroot'd, hopefully.  This would minimize the chances
>>> of attacks using anonymous ftp; is there a daemon available that would fit
>>> into this nitch or do I need to roll my own?
>>
>> man 8 ftpd
>>
>> Look at the -A option.
>
> The following line of text can be found there under 2.2.1:
>
>      -A      Allow only anonymous ftp access
>
> This does not provide much in the way of details: for example, presumably
> ftpd still runs as root, does a chroot, gives up root access, etc, at some
> point, which is not defined here.  I was hoping instead for a daemon that
> had more documented semantics (and perhaps better ones.)  For example, the
> daemon runs as root, binds the port, chroots, gives up uid 0 before even
> accepting any connections.  Is this what the -A behavior implies?
>
> Alternatively, I would rather run ftpd from inetd and not use chroot,
> relying on the server to provide security, than have ftpd run as root at
> any point..
>
> The -A option may not provide any enhanced security, other than the server
> promising not to accept authenticated connections? :)  Some clarification
> here would be nice, thanks.

I haven't looked at how this is implemented.  I'm afraid you're going
to have to check the source for that one.

Greg