diff options
| -rw-r--r-- | libexec/ftpd/ftpd.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 68899dd..27182de 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -1653,7 +1653,14 @@ retrieve(char *cmd, char *name) goto done; } if (!S_ISREG(st.st_mode)) { - if (guest) { + /* + * Never sending a raw directory is a workaround + * for buggy clients that will attempt to RETR + * a directory before listing it, e.g., Mozilla. + * Preventing a guest from getting irregular files + * is a simple security measure. + */ + if (S_ISDIR(st.st_mode) || guest) { reply(550, "%s: not a plain file.", name); goto done; } |
