Network Working Group
RFC # 697
NIC # 32963
Jim Lieb
July 14, 1975

CWD Command of FTP


The Tenex file system support a "files only" directory.  This type of
directory cannot be "logged in" but it can be "connected to".  A login
gives directory "owner" access to the job generated by the system and an
address space in which the user can execute programs.   A connect allows
an existing job and its associated user "owner" access to a directory
but creates no address space.  The words "owner", "group", and
"universal" or "public" determine which field of the protection
specification is to be used to check the legality of a file access


The Tenex FTP server does not allow an FTP Login to a "files only" directory. The current protocol contains the CWD (Change Working Directory) command which gets part of the "connect" functions but it does not grant "owner" access to the user. Therefore, there is no way a user can access a "files only" directory as the "owner" (i.e. he can supply the password). This is undesirable for private directories of this type since it is uneconomical to define a user - directory "group" for so few directories and unrestricted "public" access may be undesirable.


There are two approach we can take. Either we remove the distinction "files only" from the FTP login, or we create a command that does the "connect" function. The restriction placed on "files only" directories is based on how we define a user of FTP to the server. If we say that any net user who knows the password to a directory has ownership of that directory as far as FTP is concerned, then we have a solution. If we want an FTP login to be as restrictive as a user login, then we need the second alternative.


Change the protocol in one of the following ways:

1. Remove the restriction on "files only" directories for FTP logins or

  1. Add an optional argument to the CWD (Change Working Directory) command to specify the password string for the directory. If the password check is successful the user is granted ownership rights to that directory. If the password is not present or the check fails, the command functions as it presently does and access is controlled by the current protection mechanism. Anonymous users should not be allowed to use this mechanism to change their access to the file system.
       [ This RFC was put into machine readable form for entry ]
       [ into the online RFC archives by Alex McKenzie with    ]
       [ support from GTE, formerly BBN Corp.            10/99 ]