Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!cs.utexas.edu!uunet!auspex!guy From: guy@auspex.auspex.com (Guy Harris) Newsgroups: comp.unix.questions Subject: Re: Anonymous FTP problem Keywords: crt0: no /dev/zero Message-ID: <4217@auspex.auspex.com> Date: 31 Oct 90 01:42:16 GMT References: <1990Oct22.182238.7120@cca.PUE.UDLAP.MX> <1990Oct24.074454.9992@uwasa.fi> Distribution: comp Organization: Auspex Systems, Santa Clara Lines: 45 >the other alternative is to duplicate the >necessary files (i think you'll need at least the shared >libraries in addition to /dev/zero). You need all the files that the FTPD(8C) man page says you need: In the last case, ftpd takes special measures to restrict the client's access privileges. The server performs a chroot(2) command to the home directory of the ftp user. In order that system security is not breached, it is recom- mended that the ftp subtree be constructed with care; the following rules are recommended. ftp Make the home directory owned by ftp and unwritable by anyone. ~ftp/bin Make this directory owned by the super-user and unwritable by anyone. The program ls(1V) must be present to support the list commands. This program should have mode 111. Since the default /bin/ls command is linked with a shared library, so you need to set up the files for dynamic linking as well. ~ftp/usr/lib/ld.so the runtime loader must be present and executable. ~ftp/dev/zero used by the runtime loader, create this with the command mknod zero c 3 12. ~ftp/usr/lib/libc.so.* should be a copy of the latest version of the shared C library. ~ftp/etc Make this directory owned by the super-user and unwritable by anyone. The files passwd(5) and group(5) must be present for the ls command to work properly. These files should be mode 444. ~ftp/pub Make this directory mode 777 and owned by ftp. Users should then place files which are to be acces- sible via the anonymous account in this directory.