From nobody@FreeBSD.org  Sun Oct 19 16:30:59 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 31B341065749
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 19 Oct 2008 16:30:59 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 20C178FC14
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 19 Oct 2008 16:30:59 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id m9JGUw9T099031
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 19 Oct 2008 16:30:58 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id m9JGUw8g099030;
	Sun, 19 Oct 2008 16:30:58 GMT
	(envelope-from nobody)
Message-Id: <200810191630.m9JGUw8g099030@www.freebsd.org>
Date: Sun, 19 Oct 2008 16:30:58 GMT
From: Georgi Iovchev <freebsd@pulsar.bg>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ftpd doesnt respect ftpd.conf
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         128225
>Category:       i386
>Synopsis:       ftpd doesnt respect ftpd.conf
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-i386
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct 19 16:40:00 UTC 2008
>Closed-Date:    Mon Oct 20 18:51:22 UTC 2008
>Last-Modified:  Mon Oct 20 18:51:22 UTC 2008
>Originator:     Georgi Iovchev
>Release:        RELENG_7_0
>Organization:
>Environment:
FreeBSD www.pulsar.bg 7.0-RELEASE-p5 FreeBSD 7.0-RELEASE-p5 #0: Wed Oct 15 02:05:05 EEST 2008     root@test.pulsar.bg:/usr/obj/usr/src/sys/PULSAR  i386
>Description:
From the manpage of ftpd.conf: "The ftpd.conf file specifies various configuration options for ftpd(8) that apply once a user has authenticated their connection."

The bug is that ftpd doesn't respect /etc/ftpd.conf. No matter what I put in /etc/ftpd.conf ftpd behaves the same way.

I have tested it on 7.0-release-p5 i386, and recent 7.1-prerelease amd64. Two machines behave the same way.
>How-To-Repeat:
1.enable ftpd - in /etc/rc.conf put ftpd_enable="yes"
2.create and edit /etc/ftpd.conf
put some directives .. for example these (they should disable some commands for uploading and modifying content):
upload all off
upload REAL off

3.start (or restart) ftpd - /etc/rc.d/ftpd restart
4.connect to ftpd and try creating and deleteting directory
#:> ftp localhost
#:> ftp localhost
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
220 www.pulsar.bg FTP server (Version 6.00LS) ready.
Name (localhost:ed):
331 Password required for ed.
Password:
230 User ed logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> mkd testdirrr
257 "testdirrr" directory created.
ftp> rmd testdirrr
250 RMD command successful.


thats it ... user "ed" in my case is normal user. If ftpd respect /etc/ftpd.conf it should not be posible to create or delete directories through ftp. But it seems that it doesnt read it.


>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Mon Oct 20 18:51:20 UTC 2008 
State-Changed-Why:  
Please look into the difference between lukemftpd and ftpd, we have two 
implementations which overlap. We cannot easily modify the manual pages 
though so making this more obvious is a tedious job. This is not a PR 
though, closing it... Thanks for submitting the report in order to make 
FreeBSD better, it's appreciated! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=128225 
>Unformatted:
