incubator-mod_ftp-dev mailing list archives

From "William A. Rowe, Jr." <wi...@covalent.net>
Subject Sanity check
Date Wed, 31 Jan 2007 17:53:02 GMT
Our example config is less-than-ideal, because we are restricting known-bad
methods.  This can lead to evil or unanticipated side effects.

We need to use LimitExcept to specify known-good things.

Of our list, these are known-good IMHO, and I would like some more eyes to validate
that these can't modify data on the server by their definitions.

ABOR ACCT AUTH CDUP CWD EPRT EPSV FEAT HELP LIST LPRT LPSV MDTM MODE NLST NOOP
PASS PASV PBSZ PORT PROT PWD QUIT REIN REST RETR SIZE STAT STRU SYST TYPE USER
XCWD XPWD

These are the known actions which alter/send information from client to server,
but we make a proper list of these.

MKD RMD ALLO APPE DELE MAIL MLFL MSAM MSND MSOM RNFR RNTO SITE SMNT STOR STOU
XMKD XRMD

These are the byproducts of remake_ftp_protocol on Linux.

We can also reduce the good-list because I believe the X variants are pre-mapped
before we invoke the subrequest, and the unimplemented ones could be omitted.

Bill
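
An added example, not part of the original message or the mod_ftp code base: a small Python audit that reads an httpd configuration and reports, for each `<Limit>` or `<LimitExcept>` block, which commands from the two lists in the message are left unrestricted. The `audit` function, the sample configuration and its paths are constructed for illustration; `MLSD` is included only as a command that appears in neither list.

```python
import re

# Command lists copied from the message above.
READ_ONLY = set("""
ABOR ACCT AUTH CDUP CWD EPRT EPSV FEAT HELP LIST LPRT LPSV MDTM MODE NLST NOOP
PASS PASV PBSZ PORT PROT PWD QUIT REIN REST RETR SIZE STAT STRU SYST TYPE USER
XCWD XPWD""".split())
MODIFYING = set("""
MKD RMD ALLO APPE DELE MAIL MLFL MSAM MSND MSOM RNFR RNTO SITE SMNT STOR STOU
XMKD XRMD""".split())

OPEN_TAG = re.compile(r"<(LimitExcept|Limit)\s+([^>]+)>", re.IGNORECASE)

# Constructed sample config (hypothetical paths), not the project's example.
SAMPLE = """\
<Directory /srv/ftp/pub>
    <Limit STOR DELE MKD RMD>
        Deny from all
    </Limit>
</Directory>
<Directory /srv/ftp/docs>
    <LimitExcept CWD LIST NLST PWD RETR SIZE APPE MLSD>
        Deny from all
    </LimitExcept>
</Directory>
"""

def audit(config_text):
    """Report, per <Limit>/<LimitExcept> block, which commands escape restriction."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), 1):
        m = OPEN_TAG.match(line.strip())
        if not m:
            continue
        named = {w.upper() for w in m.group(2).split()}
        if m.group(1).lower() == "limit":
            # Deny-list: only the named commands are restricted, the rest pass.
            finding = {"line": line_no, "style": "deny-list", "fails_open": True,
                       "unrestricted_modifying": sorted(MODIFYING - named),
                       "unreviewed": []}
        else:
            # Allow-list: the named commands are the only ones left unrestricted.
            finding = {"line": line_no, "style": "allow-list", "fails_open": False,
                       "unrestricted_modifying": sorted(named & MODIFYING),
                       "unreviewed": sorted(named - READ_ONLY - MODIFYING)}
        findings.append(finding)
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f)
```

On the sample, the deny-list block leaves fourteen of the listed modifying commands unrestricted, while the allow-list block surfaces exactly the two entries that need review.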

