incubator-mod_ftp-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niklas Edmundsson <>
Subject Re: Directory listings: LFS issues and other funky stuff
Date Wed, 20 Dec 2006 09:32:07 GMT
On Tue, 19 Dec 2006, William A. Rowe, Jr. wrote:

>> I simply don't see large files in the directory listing output, but an
>> strace shows that it stats all files (including the large ones), but
>> then it does something else (a subrequest for each file?) which stats
>> all files except for the large ones.
> Yes - it sounds like you found a symptom of a LFS bug.

I figured as much. Any ideas on where to hunt for it? I find no 
obvious references to the file size, but then I haven't studied all of 
mod_ftp and httpd in detail.

>> If it's doing a subrequest for each file I suspect it's to hide
>> forbidden files. Since we're an anonftp only server this seems rather
>> unneccesary, is there a way to turn it off?
> No, it's not unnecessary, but I agree it should be configurable.  This is
> true of both ftp and mod_autoindex.  Both should -permit- you to ignore
> security of subfolders, ***but*** default to checking security of each
> subfolder.

Yeah. But why is it stat:ing stuff twice? I think that it should be 
sufficient with one round of stat of the files, and if the 
subrequests are needed anyway their stat:s should be enough IMO.

Directory traversals happens more often than you'd like on an anonftp 
server (weird clients, search robots, and so on) so you really want 
this as optimised as possible.

With http you can use IndexOptions TrackModified and let mod_cache 
cache stuff for you to mitigate this somewhat, and limit robots by 
robots.txt. But since it doesn't seem possible to generate the ftp 
dirindex from the http dirindex to get at the caching you atleast want 
ftp dirindexing to be as effective as possible and not kill your 
backend unless it really has to ;)

  Niklas Edmundsson, Admin @ {acc,hpc2n}      |
  "So this is it, we're going to die!" -- Arthur Dent

View raw message