Bugtraq mailing list archives

wu-ftp 2.4.2 (release VR16) /bin/ftponly


From: [@ (Bluefish [@ home])
Date: Sat, 27 Mar 1999 13:21:46 +0100


As I previously reported to euro-coders, since I installed the wu-ftpd
version(s) which fix the beta-18 hole, the good old ftponly hack
described at all pages stopped working (Linux 2.0.34, originally Red Hat
5.0 but modified quite a lot. Yes, shell was in /etc/shells.)

Anyway, my guess was quite trivial: it probably required the shell to go
on forever, just as the ssh-ftpd etc. So basically, I decided that an
appropriate solution was to check if the shell is ftpd, otherwise
terminate.

So, this is my replacement/patch/whatever for a /bin/ftponly which does
allow ftponly, which the ones set up as described in various FAQs on the
net failed. Comments are welcome.

This is also forwarded to Bugtraq. Perhaps a low priority, however if many
sites suddenly find their anonymous FTPs stop working that is a security
problem, as they may temporarily downgrade or something equally bad.

---< cut here >
#!/bin/sh
#
# ftponly shell

# grepped = 1 means login is ftp. is this a good solution?
PID=$$
GREPPED=$( ps auxw | grep ftpd | grep -v grep | awk '{print $1}' | grep -c $PID )

# only used for text messages, kill it if you like.
WHOAMI=$(whoami)

if [ "$GREPPED" != "1" ]; then
  echo "Your login appears to be non-ftp. bye bye $WHOAMI!"
  exit 0
fi

# this is not really needed, but still...
if [ "$UID" = "0" ]; then
  echo "Err... Sorry. UID 0 isn't nice!"
  exit 0
fi

# debug message, not really shown to ftpusers anyway
echo "[FTPONLY] Login accepted. Welcome $WHOAMI!"

# loop forever. cons/pros ?
while [ "1" = "1" ]; do sleep 10; done

----< and paste? >

[email.ilove] ealliance$hotmail.com || 11a$gmx.net
[web.we.rock] http://194.236.13.242/11a/index.html
[web.we.rock] http://home.swipnet.se/~w-12702/11A/
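An added example, not part of the original post: a small audit for the two conditions the message touches on, namely that the restricted shell must be listed in /etc/shells for wu-ftpd to accept the login, and that no UID 0 account should carry it. The function name `audit_ftponly`, the status labels and the sample accounts are assumptions made for illustration; only the `/bin/ftponly` path comes from the post.

```shell
#!/bin/sh
# Added example: audit accounts that use the FTP-only shell.
# Assumes standard passwd(5) and shells(5) file formats.

# audit_ftponly PASSWD_FILE SHELLS_FILE [RESTRICTED_SHELL]
# Prints one line per account whose login shell is the restricted shell:
#   OK <user>        shell is listed in SHELLS_FILE and UID is not 0
#   UNLISTED <user>  shell is missing from SHELLS_FILE (ftpd refuses the login)
#   ROOT <user>      UID 0 account carrying the restricted shell
audit_ftponly() {
    passwd_file=$1; shells_file=$2; rshell=${3:-/bin/ftponly}
    # Exact-line match against the shells file, ignoring comment lines.
    if grep -v '^[[:space:]]*#' "$shells_file" | grep -qxF "$rshell"; then
        listed=1
    else
        listed=0
    fi
    awk -F: -v sh="$rshell" -v listed="$listed" '
        $7 == sh {
            if ($3 == 0)          print "ROOT " $1
            else if (listed == 0) print "UNLISTED " $1
            else                  print "OK " $1
        }' "$passwd_file"
}

# Runs the audit over constructed sample files (not from any real system).
demo_audit() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
alice:x:1001:1001::/home/alice:/bin/ftponly
toor:x:0:0::/root:/bin/ftponly
bob:x:1002:1002::/home/bob:/bin/sh
EOF
    printf '%s\n' '# valid login shells' /bin/sh /bin/ftponly > "$dir/shells"
    audit_ftponly "$dir/passwd" "$dir/shells"
    rm -rf "$dir"
}

demo_audit
```

On a live host the call would be `audit_ftponly /etc/passwd /etc/shells`.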


