>Number: 3375 >Category: mod_proxy >Synopsis: proxy ftp fails if parent directory is not readable >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue Nov 10 16:40:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.3 >Environment: proxy running on Linux 2.0.35, i586, gcc 2.7.2.3, all 3 "apply to 1.3.3" patches have been applied
talking to ftp server on SunOS 4.1.3, Sparc 2, stock ftp daemon >Description: I attempt to fetch: ftp://www.aeronix.com/pub/private/subdirone/subdirtwo/file.txt the permissions on pub, subdirone, and subdirtwo are 755 the permissions on private are 111 the permissions on file.txt are 644 the owner of all files/directories is root, group is staff ftp daemon does not run as root The result is: The requested URL ftp://www.aeronix.com/pub/private/subdirone/subdirtwo/file.txt was not found on this server. If I change the permissions on private to 555 things work ok. Using a sniffer, I find the failing ftp session goes a little something like this: 220 templeton ftp server(SunOS 4.1) ready USER anonymous 331 Guest login ok, send ident as password PASS apache_proxy@ 230 Guest login ok, access restrictions apply CWD pub 250 CWD command successful CWD private 250 CWD command successful CWD subdirone 250 CWD command successful CWD subdirtwo 250 CWD command successful TYPE I 200 Type set to I PASV 227 Entering passive mode SIZE file.txt 500 'SIZE file.txt' : command not understood PWD 550 getwd: can't open .. 221 You could at least say goodbye >How-To-Repeat: This real life URL causes the same problem ("private" is 111): ftp://ftp.zdnet.nis.newscorp.com/pub/private/sWlIB/utilities/system_utilities/ztsk95.zip >Fix: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
