Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Multiple vendors FTP denial of service

From: jedi () CLARANET FR
Date: Mon, 19 Mar 2001 18:25:52 GMT
D. J. Bernstein écrit:


The FTP specification doesn't require servers to support .. and *.


  Indeed, it was just popularized by servers calling an extern "ls"
program.


FTP does, however, include an NLST command that lists all files in the
current directory, and a CWD command that switches to a new directory,
and a PWD command
Clients that want globbing can easily implement it using these commands.


  Server-side globbing is unnecessary, but it helps saving bandwidth.
  On a server with no content summary in a file, it can help to find a file
hidden in subdirectories without the headache of a recursive listing.
  For instance, listing */gnome*.rpm is handy to find that gnome-core.rpm
and gnome-lib.rpm are located in the "gn1" directory.

--
             -=- Frank DENIS aka Jedi/Sector One <j () c9x org> -=-
      "If Bill Gates had a dime for every time a Windows box crashed...
                  ... Oh, wait a minute, he already does."
Previous By Date Next
Previous By Thread Next

Current thread: