Subject: Re: ftpd and LIST command
To: None <firstname.lastname@example.org>
From: Quentin Garnier <email@example.com>
Date: 02/07/2005 10:09:18
Content-Type: text/plain; charset=us-ascii
On Mon, Feb 07, 2005 at 08:49:05AM +0100, Richard Braun wrote:
> On Mon, Feb 07, 2005 at 02:28:45PM +1100, Luke Mewburn wrote:
> > On Sun, Feb 06, 2005 at 08:01:26PM +0100, Richard Braun wrote:
> > | It seems the netbsd ftpd doesn't handle LIST commands correctly. LI=
> > | works right, but LIST <path> fails (returns no list at all). PR #12=
> > | is about this problem and is still open. Is it a bug or a missing f=
> > Works for me, for "simple" filenames or directories:
> > ftp> debug
> > Debugging on (debug=3D1).
> > ftp> dir bin
> > ---> EPSV
> > 229 Entering Extended Passive Mode (|||19251|)
> > ---> LIST bin
> > 150 Opening ASCII mode data connection for '/bin/ls'.
> > total 608
> > -r-xr-xr-x 1 0 0 289068 Nov 2 2000 ls.off
> > 226 Transfer complete.
> > I haven't (recently) investigated the specific bug described in PR 1266=
> Right. Actually, the problem rises when the command isn't strictly format=
> as "CMD ARG". For example, LIST / works, LIST / doesn't... I don't think
> the RFCs would forbid such commands.
Then read the RFC :)
My idea is that the ftp client should be the one sanitizing the command in
Besides, consider the case where the file or directory name starts with
a space. The FTP protocol itself doesn't have any way to escape it.
Quentin Garnier - firstname.lastname@example.org - cube@NetBSD.org
"When I find the controls, I'll go where I like, I'll know where I want
to be, but maybe for now I'll stay right here on a silent sea."
KT Tunstall, Silent Sea, Eye to the Telescope, 2004.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)
-----END PGP SIGNATURE-----