You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by John Auer <ja...@aeronix.com> on 1998/11/11 01:32:16 UTC
mod_proxy/3375: proxy ftp fails if parent directory is not readable
>Number: 3375
>Category: mod_proxy
>Synopsis: proxy ftp fails if parent directory is not readable
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Tue Nov 10 16:40:00 PST 1998
>Last-Modified:
>Originator: ja@aeronix.com
>Organization:
apache
>Release: 1.3.3
>Environment:
proxy running on Linux 2.0.35, i586, gcc 2.7.2.3, all 3 "apply to 1.3.3" patches
have been applied
talking to ftp server on SunOS 4.1.3, Sparc 2, stock ftp daemon
>Description:
I attempt to fetch:
ftp://www.aeronix.com/pub/private/subdirone/subdirtwo/file.txt
the permissions on pub, subdirone, and subdirtwo are 755
the permissions on private are 111
the permissions on file.txt are 644
the owner of all files/directories is root, group is staff
ftp daemon does not run as root
The result is:
The requested URL ftp://www.aeronix.com/pub/private/subdirone/subdirtwo/file.txt was not found on this server.
If I change the permissions on private to 555 things work ok.
Using a sniffer, I find the failing ftp session goes a little something
like this:
220 templeton ftp server(SunOS 4.1) ready
USER anonymous 331 Guest login ok, send ident as password
PASS apache_proxy@ 230 Guest login ok, access restrictions apply
CWD pub 250 CWD command successful
CWD private 250 CWD command successful
CWD subdirone 250 CWD command successful
CWD subdirtwo 250 CWD command successful
TYPE I 200 Type set to I
PASV 227 Entering passive mode
SIZE file.txt 500 'SIZE file.txt' : command not understood
PWD 550 getwd: can't open ..
221 You could at least say goodbye
>How-To-Repeat:
This real life URL causes the same problem ("private" is 111):
ftp://ftp.zdnet.nis.newscorp.com/pub/private/sWlIB/utilities/system_utilities/ztsk95.zip
>Fix:
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request ]
[from a developer. ]
[Reply only with text; DO NOT SEND ATTACHMENTS! ]