From c8cc9e8e671aae07cf3c0019d74129b08df50630 Mon Sep 17 00:00:00 2001
From: mdodd <mdodd@FreeBSD.org>
Date: Mon, 1 Jul 2002 02:30:11 +0000
Subject: Implement a flag to disable directory creation for anonymous users.

PR:		misc/38987
Submitted by:	Peter da Silva <peter@abbnm.com>
MFC after:	1 week
---
 libexec/ftpd/ftpd.8 |  4 +++-
 libexec/ftpd/ftpd.c | 11 +++++++++--
 2 files changed, 12 insertions(+), 3 deletions(-)

(limited to 'libexec')

diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8
index 43544c8..e28376b 100644
--- a/libexec/ftpd/ftpd.8
+++ b/libexec/ftpd/ftpd.8
@@ -40,7 +40,7 @@
 .Nd Internet File Transfer Protocol server
 .Sh SYNOPSIS
 .Nm
-.Op Fl 46ADEORSUdro
+.Op Fl 46ADEMORSUdro
 .Op Fl l Op Fl l
 .Op Fl T Ar maxtimeout
 .Op Fl a Ar address
@@ -95,6 +95,8 @@ and is thus useful on busy servers to reduce load.
 .It Fl E
 Disable the EPSV command.
 This is useful for servers behind older firewalls.
+.It Fl M
+Prevent anonymous users from creating directories.
 .It Fl O
 Put server in write-only mode for anonymous users only.
 RETR is disabled for anonymous users, preventing anonymous downloads.
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c
index 2736946..2ae2d6d 100644
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@@ -143,6 +143,7 @@ int	readonly=0;		/* Server is in readonly mode.	*/
 int	noepsv=0;		/* EPSV command is disabled.	*/
 int	noretr=0;		/* RETR command is disabled.	*/
 int	noguestretr=0;		/* RETR command is disabled for anon users. */
+int	noguestmkd=0;		/* MKD command is disabled for anon users. */
 
 static volatile sig_atomic_t recvurg;
 sig_atomic_t transflag;
@@ -297,7 +298,7 @@ main(int argc, char *argv[], char **envp)
 #endif /* OLD_SETPROCTITLE */
 
 
-	while ((ch = getopt(argc, argv, "AdlDESURrt:T:u:vOoa:p:46")) != -1) {
+	while ((ch = getopt(argc, argv, "AdlDESURrt:T:u:vMOoa:p:46")) != -1) {
 		switch (ch) {
 		case 'D':
 			daemon_mode++;
@@ -380,6 +381,10 @@ main(int argc, char *argv[], char **envp)
 			family = AF_INET6;
 			break;
 
+		case 'M':
+			noguestmkd = 1;
+			break;
+
 		case 'O':
 			noguestretr = 1;
 			break;
@@ -2247,7 +2252,9 @@ makedir(char *name)
 {
 
 	LOGCMD("mkdir", name);
-	if (mkdir(name, 0777) < 0)
+	if (guest && noguestmkd)
+		reply(550, "%s: permission denied", name);
+	else if (mkdir(name, 0777) < 0)
 		perror_reply(550, name);
 	else
 		reply(257, "MKD command successful.");
-- 
cgit v1.1