[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference noted::seal

Title:SEAL
Moderator:GALVIA::SMITH
Created:Mon Mar 21 1994
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:1989
Total number of notes:8209

1728.0. "Fixed Port for ftpxd data connection" by NETRIX::"[email protected]" (Ross Palmer) Tue Jan 21 1997 23:48

T.RTitleUserPersonal
Name		DateLines
1728.1RFC 959 ComplianceNETRIX::"[email protected]"Ross PalmerWed Jan 22 1997 20:2111
1728.2Code change example for 'old' ftpxdUTRUST::KUIJPERCaught in a World-Wide-Web !Thu Jan 23 1997 03:1647
1728.3Where's the code?NETRIX::"[email protected]"Ross PalmerThu Jan 23 1997 15:349
1728.4QUICHE::PITTAlph a ha is better than no VAX!Fri Jan 24 1997 06:0515
Re .3:

The code for the old DFWS ftp proxy is in the old DFWS kit which is in the
private area on morse.  The modifications required are given in the previous
note.

As for your other question, of course it doesn't work with the AFWU reporting
and alarm mechanism.  It also doesn't in any way interact with the AFWU GUI, nor
does it use the AFWU ACL files.

If you use it, you'll have to do the whole of the ftp part of an old-style DFWS
installation, and you better make sure that your customer understands all these
limitations or there'll be no end of trouble afterwards.

T
1728.5DFWS code, so standalone and unsupportedUTRUST::KUIJPERCaught in a World-Wide-Web !Fri Jan 24 1997 07:1012
    Re .3 & .4:
    
    Ross,
    
    Tony is right (unfortunately).
    This comes from the DFWS kit, not DFWU (or nowadays AVFU).
    One of the reasons I did post the code was to show (again) to
    engineering how easy it is... (sorry I couldn't resist).
    Patching the AVFU ftpxd can not be done by us (without source code that
    is).
    
    /Frank
1728.6ftpxd with port 20 and non-privilegedANNECY::CHATEL_MMon Jan 27 1997 03:3722
    For those who are source code-minded, here is some extra information.
    
    It is also feasible to build an ftpxd that:
    
        1) drops privilege and chroots permanently after startup
           (but it must start as root)
    
        AND
    
        2) uses port 20 (privileged!) for each new FTP data connection
           that it creates
    
    It is not much more work than Frank's modifications, but you cannot
    do this with ftpxd on its own. You need an extra program
    that can "bind" privileged UDP and TCP ports on behalf of other
    processes. Such a program is included free, with source code,
    in the S4 kit distribution, and is called "privportd".
    
       Regards,
       Marc Chatel @ AEO