SUMMARY: setting up anonymous ftp (easy way)

From: Mike Jenkins (mjenkins@pens-emh2.NCTS.NAVY.MIL)
Date: Fri Feb 19 1993 - 21:23:22 CST


Sun Managers,

I think there is some confusion as to why you
build that directory structure under ~ftp.
You do it to allow the dynamically linked /bin/ls
command (that you copy to ~ftp/bin/ls) to run.
YOU DO NOT DO IT FOR SECURITY! The chroot(2)
happens either way. If you do build the directories
you need to set correct permissions so someone
does not change your ~ftp/bin/ls and related stuff
to do improper things.

Anyway not having the directory structure is still
secure. You just don't get files listed when you
do an ls or dir since ~ftp/bin/ls does not exist.
You can get and put files (if you know what's there).
You can write your your own ~ftp/bin/ls command or build
one that is statically linked only requiring the
~ftp/etc/{passwd,group} files.

Mike Jenkins

Thanks to:
guy@auspex.com (Guy Harris)
ups!kalli!kevin@fourx.Aus.Sun.COM (Kevin Sheehan {Consulting Poster Child})
blymn@mulga.awadi.com.AU (Brett Lymn)
Patrick O'Callaghan <poc@usb.ve>
klarsen@hawkeye.alhrg.wpafb.af.mil (Kristin L. Larsen)
craig@cam.nist.gov (Craig Hunt)
powley@qucis.queensu.ca (Gary Powley)

----- Begin Included Message -----

>From guy@auspex.com Thu Feb 18 21:05:14 1993
To: mjenkins@pens-emh2.NCTS.NAVY.MIL
Subject: Re: setting up anonymous ftp (easy way)
Content-Length: 602
X-Lines: 12

>I always thought you had to make that directory structure under
>~ftp until I anonymous ftp'ed to my machine (someone else setup)
>and to my amazement did not see those subdirectories. I setup
>anonymous ftp on another machine by adding an ftp account in
>/etc/passwd and a simple home directory and it works!!

Define "works". The "ls" command is used by the Berkeley FTP daemon (at
least the version in SunOS 4.x) to implement the "list a directory" FTP
operation.

If "ls" doesn't work, that command won't work; did you test out, for
example, the FTP "ls" command from within the "ftp" command?

----- End Included Message -----

----- Begin Included Message -----

>From ups!kalli!kevin@fourx.Aus.Sun.COM Thu Feb 18 21:08:25 1993
X-Mailer: Mail User's Shell (7.1.1 5/02/90)
To: fourx!pens-emh2.NCTS.NAVY.MIL!mjenkins@fourx.Aus.Sun.COM (Mike Jenkins)
Subject: Re: setting up anonymous ftp (easy way)
Content-Length: 1483
X-Lines: 35

[ Regarding "setting up anonymous ftp (easy way)", fourx!pens-emh2.NCTS.NAVY.MIL!mjenkins writes on Feb 18: ]

> >From the Sun Managers FAQ:
>
> >20) How do I set up anonymous ftp on my machine?
> >
> > Read the man page ftpd(8) in the SunOS 4.x documentation, as
> > the procedure differs from vanilla BSD and most examples in
> > system administration books. The "ls" binary is dynamically linked,
> > requiring you to duplicate ld.so, libc.so.* and /dev/zero in the
> > ftp area. The permissions and ownership of the files within the
> > ftp area are critical to having a secure configuration.
>
> I always thought you had to make that directory structure under
> ~ftp until I anonymous ftp'ed to my machine (someone else setup)
> and to my amazement did not see those subdirectories. I setup
> anonymous ftp on another machine by adding an ftp account in
> /etc/passwd and a simple home directory and it works!!
>
> Did I miss something?

You should have - what did you set up as the home directory? If you
read the ftpd man page, you will see that it does a chroot(2) to the
home directory. If you didn't set up those directories, there should
not have been an ls command (or libaries for it to run) available.

                l & h,
                kev

Kevin Sheehan kevin%ups.uucp@fourx.Aus.Sun.COM |
Uniq Professional Services Pty Ltd ACN 056 279 335 | Why Not?
PO Box 70, Paddington, NSW 2021, (Sydney) Australia |
Phone: +61-2-360-7434 Fax: +61-2-331-2572 |

----- End Included Message -----

----- Begin Included Message -----

>From blymn@mulga.awadi.com.AU Thu Feb 18 22:10:51 1993
Subject: Re: setting up anonymous ftp (easy way)
To: mjenkins@pens-emh2.NCTS.NAVY.MIL
X-Mailer: ELM [version 2.4 PL2]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Length: 946
X-Lines: 22

According to Mike Jenkins:
>
>I always thought you had to make that directory structure under
>~ftp until I anonymous ftp'ed to my machine (someone else setup)
>and to my amazement did not see those subdirectories. I setup
>anonymous ftp on another machine by adding an ftp account in
>/etc/passwd and a simple home directory and it works!!
>
>Did I miss something?
>

Just a few gaping security holes... Like the anonymous account being
able to ftp your passwd file (gimme the address and I will see if I
can find some passwords ;-), if you make a slip up in the permissions
on a file then outsiders will be able to see/browse/overwrite those
files and may be able to grant themselves access to your machine,
generally not a pretty sight.

-- 
Brett Lymn                              | "Smoke me a kipper, I will be
Computer Systems Administrator          |  back for breakfast"
AWA Defence Industries                  | - Arnold "Ace" Rimmer

----- End Included Message -----

----- Begin Included Message -----

>From poc@shaddam.usb.ve Fri Feb 19 06:13:13 1993 To: mjenkins@pens-emh2.NCTS.NAVY.MIL (Mike Jenkins) Subject: Re: setting up anonymous ftp (easy way) Sender: poc@shaddam.usb.ve Content-Length: 1729 X-Lines: 44

>> >> >> >From the Sun Managers FAQ: >> >> >20) How do I set up anonymous ftp on my machine? >> > >> > Read the man page ftpd(8) in the SunOS 4.x documentation, as >> > the procedure differs from vanilla BSD and most examples in >> > system administration books. The "ls" binary is dynamically linked, >> > requiring you to duplicate ld.so, libc.so.* and /dev/zero in the >> > ftp area. The permissions and ownership of the files within the >> > ftp area are critical to having a secure configuration. >> >> I always thought you had to make that directory structure under >> ~ftp until I anonymous ftp'ed to my machine (someone else setup) >> and to my amazement did not see those subdirectories. I setup >> anonymous ftp on another machine by adding an ftp account in >> /etc/passwd and a simple home directory and it works!! >> >> Did I miss something? >> >> Mike Jenkins

I'm not an expert on this, but supposedly ftpd in the anonymous case will do a chroot to the start of the ~ftp tree, meaning you *must* have "those subdirectories" or you won't be able to execute things like "ls". If this doesn't match your experience then:

1) You have an insecure ftpd that's not doing chroot (maybe someone changed it? - you could check with "trace - p <ftpd's pid>").

2) Your directory layout is extremely wierd - unlikely.

3) You're not really doing anonymous ftp but "ordinary" ftp.

4) You have a broken chroot - very unlikely.

5) You're hallucinating :-)

Patrick O'Callaghan Internet: poc@usb.ve Departamento de Computacion NICNAME: PO22 Universidad Simon Bolivar Tel: +058 (2) 963 3022 ext 3320 Apartado de Correos 89000 FAX: +058 (2) 93 71 28 Caracas, Venezuela "There is no Net but the Internet"

----- End Included Message -----

----- Begin Included Message -----

>From klarsen@hawkeye.alhrg.wpafb.af.mil Fri Feb 19 06:44:41 1993 To: mjenkins@pens-emh2.NCTS.NAVY.MIL Subject: Re: setting up anonymous ftp (easy way) Cc: klarsen@hawkeye.alhrg.wpafb.af.mil Content-Length: 734 X-Lines: 17

That is not a true anonymous ftp then. Part of what you saw with the anonymous ftp on your machine that someone else set up is the fact the when a person does an ftp and uses the username anonymous, the ftp s/w does a chroot so that it looks like the user is at the root level. THis is to protect the rest of the system from a hostile or mischievious user from going all over the system and pulling off files such as the *real* passwd file. This is one way crackers get into systems. For security reasons, follow the manuals and set up anonymous ftp correctly, especially since you are also from a milijtary site as I am.

Kris Larsen {klarsen@alhrg.wpafb.af.mil} System Administrator ARC Professional Services (513) 254-9437

----- End Included Message -----

----- Begin Included Message -----

>From craig@cam.nist.gov Fri Feb 19 08:14:56 1993 To: mjenkins@pens-emh2.NCTS.NAVY.MIL Subject: Re: setting up anonymous ftp (easy way) Content-Length: 375 X-Lines: 11

Mike,

What you're missing is security, and by sending your note to a large mailing list you're letting lots of other people know about the security hole on your system. You should shutdown the anonymous ftp account and re-install it following the "standard" procedures. I would also recommend that everyone who has an account on your system change passwords ASAP.

--Craig

----- End Included Message -----

----- Begin Included Message -----

>From powley@qucis.queensu.ca Fri Feb 19 09:14:21 1993 To: mjenkins@pens-emh2.NCTS.NAVY.MIL Subject: Re: setting up anonymous ftp (easy way) Content-Length: 1679 X-Lines: 45

> From the Sun Managers FAQ: > > >20) How do I set up anonymous ftp on my machine? > > > > Read the man page ftpd(8) in the SunOS 4.x documentation, as > > the procedure differs from vanilla BSD and most examples in > > system administration books. The "ls" binary is dynamically linked, > > requiring you to duplicate ld.so, libc.so.* and /dev/zero in the > > ftp area. The permissions and ownership of the files within the > > ftp area are critical to having a secure configuration. > > I always thought you had to make that directory structure under > ~ftp until I anonymous ftp'ed to my machine (someone else setup) > and to my amazement did not see those subdirectories. I setup

did you see ANY directories/files?

> anonymous ftp on another machine by adding an ftp account in > /etc/passwd and a simple home directory and it works!! >

I am not sure what you mean when you say it works. You should be able to login and get files, etc.

The directory structure is mainly to allow two things to work.

1) have the ls command list files. Without the subdirectories, the command will appear to execute (no error messages) but will not list any files that are there.

2) the /etc part allows login names to be listed for user and group ownership of files rather than numbers.

The above applies to a standard system. There are lots of reasons that they may not apply.

'ls' is not dynamically linked.

The home directory was `/`, then the normal system files would be there A new version of the OS has 'changed the rules'.

I have a 'anonymous ftp setup checklist' that I can send you if you want it.

----- End Included Message -----



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:07:30 CDT