wu-ftp.2.4.2.bin.ftponly.patch

`Date: Sat, 27 Mar 1999 13:21:46 +0100  
From: "Bluefish [@ home]" <[email protected]>  
To: [email protected]  
Subject: wu-ftp 2.4.2 (release VR16) /bin/ftponly  
  
as I previously reported to euro-coders, since I installed the wu-ftpd  
version(s) which fixes the beta-18 hole, the good old ftponly hack  
described at all pages stopped working (linux 2.0.34, originally redhat  
5.0 but modified quite a lot. Yes, shell was in /etc/shells.)  
  
Anyway, my guess was quite trivial, it probably required the shell to go  
on forever just as the ssh-ftpd etc. So basicly, I decided that an  
appropriate solution was to check if the shell is ftpd, otherwise  
terminate.  
  
So, this is my replacement/patch/whatever for a /bin/ftponly which does  
allow ftponly, which the ones setup as described in various faq's on the  
net failed. Comments are welcome.  
  
This also forwarded to bugtraq. Perhaps a lowpriority, however if many  
sites suddenly find their anomonous FTPs stop working that is a security  
problem, as they may temporary downgrade or something equally bad.  
  
---< cut here >  
#!/bin/sh  
#  
# ftponly shell  
  
# grepped = 1 means login is ftp. is this a good solution?  
PID=$$  
GREPPED=$( ps auxw | grep ftpd | grep -v grep | awk '{print $1}' | grep -c $PID )  
  
# only used for text messages, kill it if you like.  
WHOAMI=$(whoami)  
  
if [ "$GREPPED" != "1" ]; then  
echo "You're login appears to be none-ftp. bye bye $WHOAMI!"  
exit 0  
fi  
  
# this is not really needed, but still...  
if [ "$UID" = "0" ]; then  
echo "Err... Sorry. UID 0 isn't nice!"  
exit 0  
fi  
  
# debug message, not really shown to ftpusers anyway  
echo "[FTPONLY] Login accepted. Welcome $WHOAMI!"  
  
# loop forever. cons/pros ?  
while [ "1" = "1" ] do; sleep 10; done  
  
----< and paste? >  
  
[email.ilove] ealliance$hotmail.com || 11a$gmx.net  
[web.we.rock] http://194.236.13.242/11a/index.html  
  
`