Ulm's Oberon Library: FTPUnixFileSystems
NAME
FTPUnixFileSystems - present selected UNIX file hierarchy for FTP
SYNOPSIS
PROCEDURE AddHandler(session: FTPSessions.Session; root: ARRAY OF CHAR);
PROCEDURE PermitUploads(session: FTPSessions.Session);
PROCEDURE PermitUpdates(session: FTPSessions.Session);
DESCRIPTION
FTPUnixFileSystems provides a handler for FTPSessions that presents a selected file hierarchy of a UNIX file system for the FTP protocol.
AddHandler installs support for the FTP commands listed below, in conformance with RFC 959, giving access to the directory designated by root and all of its sub-directories. A pseudo chroot jail based on FTPUnixPaths is established that maps ``..'' of root to root and interprets all symbolic links below root relative to root.
By default, read-only access is provided. It may be extended by PermitUploads, which allows non-destructive uploads that prohibit any changes to existing files, and by PermitUpdates, which enables unrestricted access (inside the pseudo chroot jail).
The following FTP commands are handled:
- FTPCommands.allo is answered with a short message that ALLO is obsolete.
- FTPCommands.appe and FTPCommands.stor are supported, if permitted.
- FTPCommands.cdup is equivalent to FTPCommands.cwd with an argument of ``..''.
- FTPCommands.cwd changes the current directory of an FTP session (but not that of the server process).
- FTPCommands.list and FTPCommands.nlst: Directory listings based on FTPUnixDirLister.
- FTPCommands.mdtm and FTPCommands.size: File attribute inquiries in conformance with ``Extensions to FTP'' by the FTPEXT Working Group of the IETF, see http://www.ietf.org/internet-drafts/draft-ietf-ftpext-mlst-12.txt.
- FTPCommands.mkd and FTPCommands.rmd are supported, if permitted.
- FTPCommands.mode: The only supported transfer mode is ``S'' (stream mode).
- FTPCommands.pwd: Prints the current working directory as an absolute path (beginning with ``/'') that is interpreted relative to root.
- FTPCommands.rnfr and FTPCommands.rnto are supported in case of unrestricted write access (PermitUpdates).
- FTPCommands.rest: File positions other than 0 are accepted in binary mode only.
- FTPCommands.stru: The only supported file structure is ``F'' (text file).
- FTPCommands.syst is answered with ``UNIX Type: L8''.
- FTPCommands.type: The only accepted transfer types are ``A'', ``A N'' (ASCII mode with LF to CR-LF conversion or vice-versa), ``I'', and ``L 8'' (binary mode without conversions).
- FTPCommands.xcup, FTPCommands.xcwd, FTPCommands.xmkd, FTPCommands.xpwd, FTPCommands.xrmd are supported in conformance with RFC 775 and are equivalent to their counterparts in RFC 959.
DIAGNOSTICS
FTPUnixFileSystems does not generate error events on its own but relates all error events to session, where they may be evaluated and logged later by FTPLoggers and FTPLogPrinter.
SECURITY CONSIDERATIONS
"/" should never be passed as root. Doing so would enable a large number of attacks on various devices in /dev or conflicts with other processes in directories like /tmp that are writable by everybody. In general, root should be restricted to private sub-directories where information leaks pose no security threat and uploaded files are not treated as executable files or program text without further checks. Even read-only access to home directories is to be considered dangerous, as it opens access to otherwise secret information such as .ssh/identity (see ssh(1)). AddHandler, however, accepts anything as root.
All response texts generated by FTPUnixFileSystems avoid leaking the path of root and detailed error messages that are directly derived from error events. Instead, all pathnames are presented relative to root and standard error messages are given in case of failures. More information may be taken from the logs.
The security considerations of FTPUnixDirLister and FTPUnixPaths apply.
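
The jail mapping and the warning about root above, as an added Python model. This is not the library's code and not how FTPUnixPaths is implemented. The names check_root, resolve, real_path, Session and the UNSAFE_ROOTS list are assumptions; symbolic links and directory existence checks are not modelled.

```python
import posixpath

# "/", /dev and /tmp are named in the security notes above; /home is an
# assumed location of home directories. Constructed deny list, not the library's.
UNSAFE_ROOTS = ("/", "/dev", "/tmp", "/home")

def check_root(root):
    """Caller-side policy check to run before passing root to AddHandler."""
    if not root.startswith("/"):
        return False
    norm = "/" + posixpath.normpath(root).lstrip("/")  # collapses "//", "..", "."
    return not any(norm == bad or (bad != "/" and norm.startswith(bad + "/"))
                   for bad in UNSAFE_ROOTS)

def resolve(cwd, arg):
    """Map an FTP path argument to a jail-relative absolute path (lexical only)."""
    parts = [] if arg.startswith("/") else [p for p in cwd.split("/") if p]
    for comp in arg.split("/"):
        if comp in ("", "."):
            continue
        if comp == "..":
            if parts:          # ".." of root maps to root: nothing to pop
                parts.pop()
        else:
            parts.append(comp)
    return "/" + "/".join(parts)

def real_path(root, jail_path):
    """Server-side name of a jail-relative path; always at or below root."""
    return root.rstrip("/") + ("" if jail_path == "/" else jail_path)

class Session:
    """Per-session working directory, as CWD/CDUP/PWD see it."""
    def __init__(self, root):
        if not check_root(root):
            raise ValueError("refusing unsafe root %r" % root)
        self.root, self.cwd = root, "/"

    def cwd_cmd(self, arg):
        self.cwd = resolve(self.cwd, arg)

    def cdup(self):
        self.cwd_cmd("..")     # CDUP is CWD with ".."

    def pwd(self):
        return self.cwd        # relative to root, never reveals root itself
```

Because AddHandler accepts anything as root, a check of this kind belongs in the code that calls it.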
SEE ALSO
- FTPDataStreams - implementation of FTP data channels
- FTPUnixDirLister - built-in generation of directory and file listings
- FTPUnixPaths - support of pseudo chroot jail
BUGS
FTPCommands.stou is not yet implemented.
Edited by: borchert, last change: 2003/07/10, revision: 1.3, converted to HTML: 2003/07/10