ftp permissions: summary

Claude.P.Cantin at nrc.ca Claude.P.Cantin at nrc.ca
Thu Oct 11 23:41:33 AEST 1990 

Here is my original question of last week:

>We have, at our site, a combination of SGIs and SUNs.  When using ftp to
>transfer a file from the SGI to the Sun, I end up with permissions
>
>   rw-rw-rw
>
>on the file (try it on the password file: ftp> put /etc/passwd passwd).
>It does not seem to matter on which machine I ftp from/to, the permissions
>always end up as above (as long as the file goes from SGI to Sun...).
>
>My "umask" is set to "022" on both systems.  Any suggestions????  Thanks,

Here are the three answers I got:


+++++++++++++++++++++++++=

From: Fuat C. Baran <fuat at cunixf.cc.columbia.edu>


ftpd's umask is incorrect.  Get the latest ftpd via anonymous ftp from
uunet.uu.net (and possibly make the umask even more secure).

                             --Fuat
+++++++++++++++++++++++++


From: nlf at alux2.att.com

Your problem happens when any machine ftp's a file to a Sun.  The ftpd
deamon is started by inetd.  Hence the umask that applies is that on
inetd at boot time.  You can't make that umask more restrictive or
you break other things.  One thing you can do is take ftpd out of the
inetd startup and run it seperately at boot time with a more
restrictive umask.

I have sent Beverly Ulbrich e-mail on this issue about 9 months ago and
she says Sun will address it at some future time.  I sent in multiple
suggestions on how to fix it - the best is for ftp to recognize when
two Unix machines are connected and to replicate permissions as well
as files.

Using rcp gets rid of this problem also.

++++++++++++++++++++++++++++++

From: arc%thyme.wpd.sgi.com at SGI.COM (Andrew Cherenson)

Assuming the SunOS code is similar to 4.3BSD-tahoe code, the ftp daemon
creates the file using fopen(3), which calls open(2) with a permissions
mask of 0666 (rw-rw-rw).

More recent BSD ftp daemons use a default umask of 027 and let the sysmgr
change the default umask. (The ftpd in SGI's IRIX 3.3 uses a default mask
of 022. You can change it with the -u option (see ftpd(1M)).)

You can get the more recent BSD ftp daemon via ftp from uunet.
I have no idea if it would work on SunOS.

+++++++++++++++++++++++++++


Thank you for all who responded,

          Claude

More information about the Comp.sys.sgi mailing list