Bug#1098807: RFP: publicfile -- http and ftp server by Daniel J. Bernstein

To: submit@bugs.debian.org
Subject: Bug#1098807: RFP: publicfile -- http and ftp server by Daniel J. Bernstein
From: Joost van Baal-Ilić <joostvb-debian@mdcc.cx>
Date: Mon, 24 Feb 2025 16:16:59 +0100
Message-id: <[🔎] 20250224151659.GA17623@beskar.mdcc.cx>
Reply-to: Joost van Baal-Ilić <joostvb-debian@mdcc.cx>, 1098807@bugs.debian.org

Package: wnpp
Severity: wishlist

* Package name    : publicfile
  Version         : 0.52
  Upstream Contact: Daniel J. Bernstein, https://cr.yp.to/lists.html#publicfile
* URL             : https://cr.yp.to/publicfile.html
* License         : Public Domain
  Programming Lang: C
  Description     : http and ftp server by Daniel J. Bernstein

 publicfile supplies files to the public through HTTP and FTP.
 .
 Security features:
  - Before accepting any commands, publicfile chroot()s to the public file area
    and sheds root privileges.
  - doesn't let users log in. Intruders can't use publicfile to
    check your usernames and passwords.
  - refuses to supply files that are unreadable to owner, unreadable
    to group, or unreadable to world.
  - never attempts to modify the public file area. It refuses all
    HTTP and FTP modification commands.
  - never runs any other programs. It does not support HTTP CGI or
    FTP SITE EXEC.
 .
 HTTP features: publicfile supports:
  - virtual hosts through the Host field as well as through absolute URLs.
  - HTTP/1.1 persistent connections and chunked responses.
  - user-controlled content types.
  - exact-prefix If-Modified-Since.
 .
 FTP features: publicfile:
  - has built-in LIST and NLST commands. You don't have to bother
    setting up bin/ls, shared libraries, et al. inside the public file area.
  - provides EPLF LIST responses, including options "i", "s", and "m".
  - supports restarted transfers and pipelining.
  - uses local ports above 1024 for PORT connections.
  - prohibits remote ports below 1024 for PORT and prohibits PORT relaying.
  - includes automatic PASV IP protection.
 .
 Next to upstream code, this package contains three simple small shellscripts
 by the package maintainter: ad1810-autoindex - a tool to genetate index.html
 from directory listings; get-publicfile-docs - a tool to download and
 install publicfile documentation; and update-publicfile-contenttype -
 helpful in making publicfile give suitable MIME types with files served.
 .
 publicfile was written in 1999 and didn't change a lot after that.
 Modern features are not supported.  However, if you're
 looking for a small, simple and secure webserver, which integrates with
 the runit and daemontools UNIX service managers, publicfile will suit
 your needs.

I've been maintaining this package since 2014; it is at
https://salsa.debian.org/debian/publicfile/ .   Since 2024 publicfile is in the
Public Domain: its license no longer blocks it from being shipped w/ Debian.
See also Bug #1076635 "publicfile-installer: Re: publicfile distribution
license".

Thanks, Bye,

Joost

Reply to:

Prev by Date: Bug#1098797: ITP: python-webrtc-models -- Data classes for WebRTC specification integration
Next by Date: Bug#1098818: ITP: python-snitun -- End-to-End encryption with SNI proxy on top of a TCP multiplexer
Previous by thread: Bug#1098797: ITP: python-webrtc-models -- Data classes for WebRTC specification integration
Next by thread: Bug#1098818: ITP: python-snitun -- End-to-End encryption with SNI proxy on top of a TCP multiplexer
Index(es):
- Date
- Thread