Provided by: isdneurofile_3.12.20071127-0ubuntu11_amd64 bug

NAME

       eft_wuauth - authentication for eftp4linux Eurofile server based on wuftpd.

DESCRIPTION

       If   the   eftp4linux  Eurofile  server  eftd  is  compiled  with  the  CONFIG_EFTD_WUAUTH
       configuration option, it uses user authentication code derived from wuftpd, the Washington
       University ftp daemon.

       In that case eftd authenticates users according to four rules.

       1)     The  user  name  must  be  in  the  password data base, /etc/passwd, or whatever is
              appropriate for the operating system, and the password must not be null.   In  this
              case  a  password  must be provided by the client before any file operations may be
              performed.

       2)     The user name must not appear in the file /etc/isdn/eftusers.

       3)     The user must have a standard shell returned by getusershell(3).  If  login  failed
              for  certain  users,  maybe  that's  because  their  login  shell  is not listed in
              /etc/shells.

       4)     If the user name is ``anonymous'' or ``ftp'', an  anonymous  ftp  account  must  be
              present  in  the password file (user ``ftp'').  In this case the user is allowed to
              log in by specifying any password (by convention this is given as the client host's
              name).

       In  the last case, eftd takes special measures to restrict the client's access privileges.
       The server performs a chroot(2) command to the home directory of  the  ``ftp''  user.   In
       order  that system security is not breached, it is recommended that the ``ftp'' subtree be
       constructed with care;  the following rules are recommended.

       ~ftp)  Make the home directory owned by super-user and unwritable by anyone.

       ~ftp/bin)
              Make this directory owned  by  the  super-user  and  unwritable  by  anyone.   This
              contains  auxilary  programs  that  might  be  forked by eftd(8) or ftpd(8).  These
              programs should have mode 111.   eftd(8)  currently  does  not  need  any  auxilary
              programs.  Thus,  you  only  need  to  put  files  here if you also want to provide
              anonymous ftp service.

       ~ftp/etc)
              Make this directory owned by the super-user and unwritable by  anyone.   The  files
              passwd(5)  and  group(5) must be present for eftd to be able to produce owner names
              rather than numbers in file headers and extended format directory (T-DIR primitive)
              listings.  Depending  on  the  operating system, there may be other required files.
              Check your manual page for the getpwent(3) library routine.  The password field  in
              passwd  is  not used, and should not contain real encrypted passwords.  These files
              should be mode 444 and owned by the super-user.  Don't use the system's /etc/passwd
              file  as the password file or the system's /etc/group file as the group file in the
              ~ftp/etc directory.

       ~ftp/pub)
              Create a subdirectory in ~ftp/pub with the appropriate mode (777  or  733)  if  you
              want to allow normal users to upload files.

       The  Eurofile  file  server  also  allows for finer grained access control by means of the
       files /etc/isdn/eftaccess and /etc/isdn/efthosts.

COPYING

       The main part of eftp4linux is licensed under the LGPL. However,  eft  servers  using  the
       wuauth   authentication  libray  also  contain  code  copyrighted  by  the  University  of
       California, Berkeley, by the Washington University in Saint Louis, and their contributors.
       That code is subject to a BSD style licences with advertisment clause:

       Copyright (c) 1990 The Regents of the University of California.  All rights reserved.

       This code is derived from software contributed to Berkeley by Chris Torek.  Redistribution
       and use in source and binary forms are permitted provided that: (1)  source  distributions
       retain  this entire copyright notice and comment, and (2) distributions including binaries
       display the following acknowledgement:  ``This product includes software developed by  the
       University  of  California,  Berkeley and its contributors'' in the documentation or other
       materials provided with the distribution  and  in  all  advertising  materials  mentioning
       features  or use of this software. Neither the name of the University nor the names of its
       contributors may be used to endorse or promote products derived from this software without
       specific  prior  written  permission.  THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY
       EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE  IMPLIED  WARRANTIES  OF
       MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

       Copyright (c) 1993, 1994  Washington University in Saint Louis All rights reserved.

       Redistribution  and  use  in  source  and  binary forms, with or without modification, are
       permitted provided that the following conditions are met:  1.  Redistributions  of  source
       code  must  retain  the  above copyright notice, this list of conditions and the following
       disclaimer.  2. Redistributions in binary form must reproduce the above copyright  notice,
       this  list  of  conditions  and the following disclaimer in the documentation and/or other
       materials provided  with  the  distribution.   3.  All  advertising  materials  mentioning
       features  or use of this software must display the following acknowledgement: This product
       includes  software  developed  by  the  Washington  University  in  Saint  Louis  and  its
       contributors.  4. Neither the name of the University nor the names of its contributors may
       be used to endorse or promote products derived from this software without  specific  prior
       written permission.

       THIS  SOFTWARE  IS  PROVIDED  BY  WASHINGTON UNIVERSITY AND CONTRIBUTORS ``AS IS'' AND ANY
       EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE  IMPLIED  WARRANTIES  OF
       MERCHANTABILITY  AND  FITNESS  FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
       WASHINGTON UNIVERSITY OR CONTRIBUTORS BE LIABLE  FOR  ANY  DIRECT,  INDIRECT,  INCIDENTAL,
       SPECIAL,  EXEMPLARY,  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
       OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS  INTERRUPTION)
       HOWEVER  CAUSED  AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
       TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN  ANY  WAY  OUT  OF  THE  USE  OF  THIS
       SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

SEE ALSO

       eftd(1), shells(5), getusershell(3), eftaccess(5), efthosts(5), eft_xferlog(5), umask(2)

BUGS

       The anonymous account is inherently dangerous and should be avoided when possible.

       The eftaccess amd efthosts files are currently not yet working as documented.