Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!ucbvax!CAEN.ENGIN.UMICH.EDU!paul
From: paul@CAEN.ENGIN.UMICH.EDU (Paul Killey)
Newsgroups: comp.sys.apollo
Subject: Re: Anonymous ftp on Apollo - How ??
Message-ID: <4edaff33e.0017b5e@caen.engin.umich.edu>
Date: 28 Dec 90 00:07:05 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 39


anonymous ftp not only lets people access your system with
the user name 'anonymous', it also uses the chroot() call
to make the rest of the system (besides ~ftp) unavailable to
the ftp user.

you can't chroot on the apollos.

here is my guess as to the current implementation of chroot()
under domain/os.

chroot(path)
	char *path;
{
	errno = EPERM;
	return -1;
}

i imagine having an anonymous ftp that lets people rummage around for
any world-readable file on your system, like /etc/passwd or whatever,
does not seem like a good idea.  so you should be aware of this and see
what any ftp does that does support anonymous ftp on apollo does in
this regard.  I imagine one workaround would be munging ftpd so that
you check all commands that take a pathname as an arg and see if it
would take you out of your "root" directory.  or prepend the "root"
directory's name to each pathname given, or something like that.

file an apr saying that chroot() does not work.  i am sure apollo
already has a pile of those.

anyway, from the man page on ftpd ... (i think someone mentioned this already).

BUGS
     Because Domain/OS does not support the chroot(2) command, ftpd does not
     support an anonymous ftp account.

Given that it is documented, I'll bet apollo just says no.

--paul