Main page

(frames) (no frames)
About FTP4ALL Getting started Controlling the Server Help and Support Debug and Development
concepts download SITE commands FAQs debug
credits compilation, installation, startup registry helpdesk F4ADP
history config files upgrade from 2.x changelog
license FTP messages

Server concepts

About FTP4ALL

FTP4ALL is a free, open source FTP server implementation for the UNIX platform. The current development platform is Linux, there is no version for other OSes, like Windows, and there is no version planned for it.

FTP4ALL was designed to require no superuser privileges. The advantages are that FTP4ALL cannot be exploited to gain root access on a machine. And second, any user on a UNIX box can run this server.

However, FTP4ALL is not designed to replace wu-ftpd or any other system-level FTP server, for it does not use the default user database (/etc/passwd or NIS or whatever), or the UNIX file and directory permissions. Instead, FTP4ALL sets up its own user and group database and file and directory permission system.

Those and other features like user upload and download ratios, IP checks, bandwidth limit, transfer statistics make FTP4ALL a good choice for running a private, specialised FTP site. There is no binary distribution, the only one is the source distribution. So you must have a C compiler (gcc preferred) and related tools to compile FTP4ALL.

FTP4ALL was developed since Summer 1996 as a free-time project by Christoph Schwarz (aka Crescent). Starting from scratch, the reason for this project was to both interest in UNIX and the Internet, and to learn TCP/IP and system programming under UNIX.

Files and Directories

FTP4ALL uses a file protection scheme similar to that of UNIX. Permissions can be given to three instances: owner, group and world (others). Rights can be assigned to directories and files. For files, the rights are almost the same, with the exception that there is no execute right (but this is not needed for an ftp server). For directories, the rights differ from the UNIX rights. There are not three rights, but seven. These seven rights, that can be given to each of the three instances are:

access The right to change the permissions of this directory and the files within, and to remove the directory
chdir The permission to change to this directory
list The permission to list the contents of the directory
mkdir The right to create a subdirectory in this directory
put The permission to upload a new file to this directory
no limit This is not really a right. When you set this flag, then uploads and downloads to/from this directory do not increase the user's upload/download amount
get If this is set, created files get read permission
overwrite If this is set, created files get write permission


For files, the permissions are mostly like in UNIX:

read The permission to read the file - heird from the get right
write The right to overwrite, delete or rename the file - heird from the overwrite right
chmod The right to change the file permissions - heird from the access right


Access permissions for a directory and the files within are stored in a special file in the same directory, .permissions by default. This file simply contains user id and group id of the owner and the permissions for owner, group and others - for the directory itself and for each file in the directory. If a readme file exists in a directory, its contents is displayed whenever a user changes to this directory.

Users

There are six classes of users:

anonymous This user may log in anonymously, i.e. with his e-mail address as password, or with a default password. Login is possible from any IP address. Anonymous cannot change password (if set), and credit is not saved for later sessions. Access can be restricted by number of sessions and bandwidth used.
normal /
registered
This user has an account with the server, and may log in with his user name and password. An IP range can be set individually for each user, allowing him to log in from certain IP adresses only. Access can be restricted by number of sessions and bandwidth used.
superuser This user also needs login and password, but has unlimited access to files and directories of the server, i.e. access permissions do not count. Furthermore, he can use all SITE commands, allowing him to modify users, groups and other server parameters. The maximum number of users does not apply for superusers. However, IP check applies, superusers can only log in from the given IP range (like registered users), thereby improving security.
siteop Siteops are normal users, but have additional rights in administering the site. Rights granted are not limited to users of certain groups.
groupop Groupops are normal users, but have additional rights in administering the site. Rights granted are limited to users of one or more specified groups.
template This is not an ordinary user account like the other three ones. It is created in order to create other user accounts faster. When creating a normal user account, a template can be specified. Then all user data from the template are copied to the new user account.

Groups

Like in UNIX, users are moved together in groups. Every user must be in one group. This group is called the primary group. Furthermore, a user can be in up to eight secondary groups. There are two differences between the primary group and the secondary groups. The first is, that all files and directories that the user creates get only the primary group id. Second, the user can only run scripts from his primary group.

Files and Configuration

The server itself consists of two binaries, named ftpd and ftps. ftpd is the daemon. Its purpose is to set up the FTP server and to wait for connections. It only terminates by request (shutdown or signal). Every time a client connects, ftpd spawns ftps. ftps then handles the session with the client.
ftpd reads a registry file on startup, named ftpd.reg by default. This file contains the basic configuration, e.g. the port number of the server and the name of the base directory.

Features