Network Working Group Jim Lieb
RFC # 697 SUMEX-AIM
NIC # 32963 July 14, 1975
CWD Command of FTP
Introduction
The Tenex file system support a "files only" directory. This type of
directory cannot be "logged in" but it can be "connected to". A login
gives directory "owner" access to the job generated by the system and an
address space in which the user can execute programs. A connect allows
an existing job and its associated user "owner" access to a directory
but creates no address space. The words "owner", "group", and
"universal" or "public" determine which field of the protection
specification is to be used to check the legality of a file access
request.
Problem
The Tenex FTP server does not allow an FTP Login to a "files only"
directory. The current protocol contains the CWD (Change Working
Directory) command which gets part of the "connect" functions but it
does not grant "owner" access to the user. Therefore, there is no way a
user can access a "files only" directory as the "owner" (i.e. he can
supply the password). This is undesirable for private directories of
this type since it is uneconomical to define a user - directory "group"
for so few directories and unrestricted "public" access may be
undesirable.
Solution
There are two approach we can take. Either we remove the distinction
"files only" from the FTP login, or we create a command that does the
"connect" function. The restriction placed on "files only" directories
is based on how we define a user of FTP to the server. If we say that
any net user who knows the password to a directory has ownership of that
directory as far as FTP is concerned, then we have a solution. If we
want an FTP login to be as restrictive as a user login, then we need the
second alternative.
Proposal
Change the protocol in one of the following ways:
1. Remove the restriction on "files only" directories for FTP logins or
2. Add an optional argument to the CWD (Change Working Directory)
command to specify the password string for the directory. If the
password check is successful the user is granted ownership rights to
that directory. If the password is not present or the check fails,
the command functions as it presently does and access is controlled
by the current protection mechanism. Anonymous users should not be
allowed to use this mechanism to change their access to the file
system.
[ This RFC was put into machine readable form for entry ]
[ into the online RFC archives by Alex McKenzie with ]
[ support from GTE, formerly BBN Corp. 10/99 ]