Latest News
November 12, 2023: Re-applied patch from Bftpd 5.6
Along the way, a fix for ratio handling when there is no configuration file, which was applied in Bftpd 5.6, was reverted. This patch has been reapplied and tested. This is the only change in Bftpd 6.2, re-fixing the ratio bug which could block downloads when no configuration file was in use.
January 28, 2022: Minor code clean-up and fix for missing arguments.
Following the widely published exploit which affects pkexec, an audit was done of the Bftpd code. It turns out that if Bftpd was run without any arguments (no argv) then it could cause the program to crash when syslog logging was enabled. This has been fixed. Now Bftpd will exit cleanly if no arguments are passed.
Basically this shouldn't happen unless the admin intentionally runs Bftpd in a malicious way to make it possible to crash their own FTP service, but we want to avoid the segfault and exit cleanly anyway.
This also gave us the opportunity to clean up some code which made variable scope unclear in some cases. These fixes appear in Bftpd 6.1.
August 3, 2021: Fixed extended passive port assignment.
Version 6.0 of Bftpd contains two changes: a fix and some code clean-up. One feature of Bftpd is the ability to assign which network ports are used by the server in passive mode. This allows the administrator to assign a limited range of ports which can then be matched at the firewall, making it possible for Bftpd to co-exist with the server firewall.
While the passive ports assignment worked in regular passive mode, FTP clients which requested extended passive mode would be assigned a random port number, not necessarily in the passive port range specified. When the client requested extended passive connections this could result in a port being assigned out of range and therefore blocked by a firewall. This has been fixed so that the extended passive mode respects the PASSIVE_PORTS variable in the Bftpd configuration file.
This release also includes some minor code clean-up. Some strings had their lengths calculated multiple times and this has been improved so the string lengths are calculated just once to make the related operations more efficient.
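The extended passive mode fix described above, as an added example that is not Bftpd's own code: one range-limited port allocator feeds both the PASV (227) and EPSV (229) replies, so a firewall rule matching PASSIVE_PORTS covers both. The PASSIVE_PORTS="low-high" syntax is assumed, and the kernel bind() step is simulated by an in-use set.

```python
# Added example (not Bftpd's own code): how a passive-mode data port is chosen
# from the PASSIVE_PORTS range and how the PASV (227) and EPSV (229) replies
# carry it. Before Bftpd 6.0 the EPSV path used an unconstrained port; here
# both replies are built from the same range-limited allocator.
# Assumed: PASSIVE_PORTS="low-high" syntax; socket bind() is simulated by the
# in_use set.
import random
import re


def parse_passive_ports(value):
    """'40000-40100' -> (40000, 40100); raise ValueError if malformed."""
    m = re.fullmatch(r'\s*(\d+)\s*-\s*(\d+)\s*', value)
    if not m:
        raise ValueError(f'bad PASSIVE_PORTS value: {value!r}')
    low, high = int(m.group(1)), int(m.group(2))
    if not 1 <= low <= high <= 65535:
        raise ValueError(f'PASSIVE_PORTS out of order or out of range: {value!r}')
    return low, high


def pick_passive_port(port_range, in_use, rng=random):
    """Return a free port inside the configured range, or None if exhausted.

    Starting at a random offset spreads concurrent clients across the range
    instead of always probing from the low end.
    """
    low, high = port_range
    span = high - low + 1
    start = rng.randrange(span)
    for i in range(span):
        port = low + (start + i) % span
        if port not in in_use:
            return port
    return None  # every port is busy; the server should answer 425 instead


def pasv_reply(ip, port):
    """227 reply: IPv4 address and port as six comma-separated byte values."""
    h = ip.split('.')
    return (f'227 Entering Passive Mode '
            f'({h[0]},{h[1]},{h[2]},{h[3]},{port // 256},{port % 256})')


def epsv_reply(port):
    """229 reply (RFC 2428): only the port is sent; the address is implied."""
    return f'229 Entering Extended Passive Mode (|||{port}|)'


def port_from_reply(reply):
    """Recover the data port a client would connect to from either reply."""
    if reply.startswith('227'):
        nums = re.search(r'\(([\d,]+)\)', reply).group(1).split(',')
        return int(nums[4]) * 256 + int(nums[5])
    if reply.startswith('229'):
        return int(re.search(r'\|\|\|(\d+)\|', reply).group(1))
    raise ValueError('not a passive-mode reply')


def in_firewall_range(reply, port_range):
    """The property the 6.0 fix makes hold for EPSV as well as PASV."""
    low, high = port_range
    return low <= port_from_reply(reply) <= high
```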
July 12, 2021: Minor bug fix and improvement to directory output.
The new release of Bftpd, version 5.9, includes two noteworthy changes. The first is that file sizes are now right-justified in directory listings. When people are accessing Bftpd from console/terminal clients this makes the output neat and tidy.
The other change is that a series of compiler warnings from GCC were addressed. These should not have any functional change, but the adjusted syntax and checks make the compiler output quiet. Clang produces no warnings at this time.
June 24, 2021: Minor bug fix and spelling corrections.
Version 5.8 of Bftpd addresses two issues. The first is a bug which would cause large files (those greater than 2GB) to have their size incorrectly reported on 32-bit ARM systems. This issue has been corrected, thanks to uomo ukko.
Jens of Fossies collected and shared spelling errors found in the source code and documentation of Bftpd. All reported typos have been fixed in this release.
January 10, 2021: Minor bug fix.
This release, version 5.7, addresses a potential buffer overflow situation where a malicious client could spam passive connections, causing the server to open too many sockets without closing them properly. This issue was reported by Shisong Qin with a suggested fix. The server now cleans up connections prior to allowing new passive connections, fixing the issue.
July 31, 2020: Minor fix for ratios.
Samuel Hsu reported an issue with Bftpd where, when the FTP service is run without a configuration file (via the -n flag), downloads are blocked because the ratio parameter is not set properly. From now on Bftpd treats a ratio of "none", an empty value ("") or a null string as meaning there is no ratio, and all downloads can proceed. Specifying a ratio limits downloads from a client.
This new version, 5.6, also fixes a potential overflow in rare cases in the string handling code.
April 16, 2020: Minor fix.
This release, version 5.5, fixed a file descriptor leak which could cause the Bftpd server to run out of available files it can open when storing/uploading files. Eric Debief provided a patch to correct the issue.
January 9, 2020: Security fix.
A problem was found with the way Bftpd was doing error checking while performing reads during file transfers. This issue could cause an off-by-one error when accessing the heap. This issue was reported by Antonio Morales and has been fixed in Bftpd 5.4.
January 7, 2020: Minor bug fixes.
The release of Bftpd 5.3 includes a few bug fixes, one of which addresses an out of bounds memory access. This can be triggered by uninitialized memory. It is recommended all users update to version 5.3 to get this fix.
Documentation was also updated to make the use of file authentication more clear and address the importance of restricted permissions on the password file.
July 13, 2019: Minor bug fixes.
Bftpd 5.2 includes two minor changes. One is better formatting on access denied errors when an unauthorized client tries to sign into an account. The second is a fix for incremental builds in the Makefile. Vemake pointed out that a change in config.h, for example, would not cause a fresh build of Bftpd. Vemake kindly supplied a fix.
April 24, 2019: Improved standards compliance on errors/replies to client. Minor bug fixes.
This release fixes a few bugs and formatting issues when sending replies to a client. Usually these issues are encountered when the client fails to authenticate, either by trying to login to a disabled account or providing an incorrect password. These bugs were mostly with formatting or using the correct style of numeric reply and should not be exploitable, but they may cause standards-strict clients to become confused and/or display an incorrect status message.
October 15, 2018: Minor improvements and reporting.
This release adds more checks for filenames or symlinks which may not be valid. This allows us to report an error to the user rather than fail silently when an invalid path name is provided.
February 27, 2018: Bug fix update.
This release fixes a few possible errors by doing a better job of checking and handling the return codes of attempted actions, such as changing directories. Also cleaned up remaining compiler warnings related to unused variables and indenting.
Many thanks to Zhouyang Jia for supplying most of the work on this version.
November 19, 2017: Bug fix update.
This release fixes two minor bugs which could have caused Bftpd to crash during the server's shutdown/clean-up process. Thank you to Alex for reporting the bug.
November 16, 2017: Bug fix update.
This release features one small change which fixes a memory leak in Bftpd's file rename function. Thank you to Alex for reporting this error.
September 30, 2017: Bug fix update.
This release of Bftpd 4.6 fixes two errors. The first is a possible memory corruption when loading the configuration file. The second change makes sure that Bftpd places new clients in a chroot environment, unless the administrator specifically disables the chroot feature. Using a chroot is now the default behaviour, even if the option is not set in the configuration file.
September 6, 2017: Bug fix update.
This release of Bftpd fixes a possible buffer underflow issue when accepting short commands from raw or malicious clients. Thanks to Andreas for pointing out this flaw.
October 1, 2014: Bug fix update.
This release of Bftpd fixes a potential buffer overflow bug that occurs when the server is compiled with S_ISLINK defined. This bug may cause a buffer overflow when symbolic links are included in a directory listing. The new version 4.4 of Bftpd should process symbolic links properly or, in cases where S_ISLINK is not defined, hide symbolic links. This latter behaviour is provided for added security and to avoid causing Bftpd to hang on some operating systems while processing directory listings where symbolic links exist.
April 25, 2014: Minor update.
This release updates the license file for clarity and fixes a compiler warning with regards to casting a pointer to an integer type.
Dec 22, 2013: Fix for login issue.
Lauri Kasanen reported a bug which could prevent Bftpd from logging in valid users when modern versions of glibc are being used on the system. Lauri provided a patch for the login checks which corrects the error and this has been confirmed to work on older versions of glibc as well.
Oct 28, 2013: Fix for potential crash.
Lauri Kasanen reported a bug in Bftpd. When linked against modern versions of glibc (version 2.17 and newer), calls to crypt() for password checking can return invalid values. This can cause Bftpd to crash. The latest version of Bftpd (4.1) performs a check to avoid the problem.
May 28, 2013: Port to NetBSD.
Following the release of Bftpd 3.9, Thomas Cort sent a patch which should allow the Bftpd server to build on NetBSD. No features or functionality in the service changed. Thanks to Thomas for sending in this patch.
May 27, 2013: Bug fixes and port to MINIX.
Following reports from a security audit performed by Zhenbo Xu, the Bftpd project was made aware of several potential bugs in the server. These bugs could cause memory leaks or, possibly, crash the Bftpd service on operating systems where calls to malloc() can return NULL. The bugs and the memory leak reported have been fixed in version 3.9 of Bftpd.
We are also pleased to announce that the Bftpd service now compiles and runs on the MINIX operating system without requiring any modifications. MINIX users can unpack the Bftpd source code and run the usual "./configure, make, make install" to get a working Bftpd. Some special features of Bftpd will not work with MINIX, but core functionality, file transfers and directory listings work. To assist MINIX admins we include a special MINIX configuration file with the Bftpd source code. This example configuration file, bftpd.conf.minix, is designed to work out of the box on MINIX machines. This file should be copied to the /etc directory under the name /etc/bftpd.conf; please see the documentation for details on configuring Bftpd.
May 8, 2012: Minor bug fix release.
The new release of Bftpd, version 3.8, addresses two minor issues. The first is that on 64-bit systems it could be possible for time stamps on user logins to become corrupted, at least if the clocks are running at a date which would require more than 32 bits to store. This has been corrected. The second fix is that Bftpd will now make a small effort to find its configuration file. Previously Bftpd was hard-coded to look in /etc/bftpd.conf for its settings. Now Bftpd will check there, and it will also check PREFIX/etc/bftpd.conf. The prefix variable can be set at compile time, see line 5 of the Makefile.
February 20, 2012: Bug fix release.
This release of Bftpd, version 3.7, corrects a number of problems with the Makefile and the way in which the configuration file is parsed. Namely, the Makefile now respects the "prefix" variable and can, if required, install Bftpd into unusual locations, including a prefix where the expected directories (i.e. /usr, /etc) do not yet exist. This release attempts to load the configuration file faster and is more tolerant of unexpected spaces and end-of-line comments.
A few minor compiler warnings have also been cleared up to make building with GCC smoother. Thanks to Zhang and Martin for reporting bugs and suggesting fixes.
July 27, 2011: Minor bug fix release.
Martin reported two issues, both of which have been fixed in version 3.6 of Bftpd. The first bug to be fixed concerns text file authentication. Users' home directories previously had to be quite short; the allowed length of path names when using text file authentication has been increased.
The other bug concerns files which are really named pipes. If a named pipe was in a directory, performing a directory listing would cause the connection to hang. This has been fixed so named pipes are handled properly.
Thanks to Martin for reporting these problems and for helping to test the fixes.
July 10, 2011: Minor bug fix release.
Tony Wang pointed out a bug which could cause Bftpd to fail to properly bind itself to a socket. Version 3.5 fixes the issue.
Thanks to Tony for both reporting the bug and supplying a patch to correct the issue.
May 11, 2011: Minor bug fix/feature addition.
The 3.3 version of Bftpd included a fix to work around the GNU C library's method of getting the current time zone information in a chroot environment. Other C libraries may not need this internal work-around.
A new option has been added to the Bftpd configuration file (bftpd.conf) called TIMEZONE_FIX. By default Bftpd tries to find its own time zone data. However, setting TIMEZONE_FIX="no" will cause Bftpd to hand time zone handling back to the C library.
May 8, 2011: Minor bug fix update.
A bug in the way time zone information is determined when running in a chroot environment has caused some users to find their log file is time stamped incorrectly. Generally log entries have appeared in GMT (or UTC) time, rather than local time. This is the same problem reported in this ProFTPd bug. This new release of Bftpd, version 3.3, includes a work-around to calculate the current time zone prior to entering the chroot environment.
March 6, 2011: Minor feature update.
The 3.2 release of Bftpd includes one minor fix, which lets Bftpd hide files belonging to a certain group from the client. It also adds a new value to the SHOW_HIDDEN_FILES variable. Previously we could set Bftpd to always show hidden files or never show them. A new value has been added which will cause Bftpd to show hidden files to the client only when the client requests hidden files in the directory listing. This should clear up compatibility issues with clients like Filezilla.
September 22, 2010: Important security update.
Paul Laufer was kind enough to point out that the last few versions of Bftpd have shipped with a potential security problem. By default, the anonymous FTP account was left turned on. This means that if the system administrator leaves the anonymous account enabled and does not set the anonymous user's chroot option, remote users will have almost unlimited access to the server. By default the anonymous user account should be disabled.
If you are running Bftpd, please check your configuration file (typically /etc/bftpd.conf) and look at the section near the bottom regarding the FTP user. Either DENY_LOGIN should be set or ROOTDIR should point to a safe location where a remote user cannot do harm to the rest of the system. At this time a fix in the form of Bftpd-3.1 is being uploaded which locks down the anonymous account.
Also, in an effort to avoid leaving people in the dark, we are setting up a security mailing list. This list will be used only to announce new releases and security warnings. If you would like to subscribe to the mailing list, please get in touch with us via our Contact page.
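The configuration check the September 22, 2010 advisory asks administrators to perform, together with the PASSIVE_PORTS range check from the August 3, 2021 entry, as an added audit script that is not Bftpd's own code. It assumes the bftpd.conf layout of `global { ... }` and `user NAME { ... }` blocks holding KEY="value" lines, that the anonymous account lives in a `user ftp` block, and that DENY_LOGIN is inactive when unset or "no"; the sample configuration is constructed.

```python
# Added example (not Bftpd's own code): audit a bftpd.conf for the two settings
# the release notes call out. Assumed layout: global { KEY="value" ... } and
# user NAME { KEY="value" ... } blocks; the anonymous account is assumed to be
# the "user ftp" block and DENY_LOGIN is assumed inactive when unset or "no".
import re

# Constructed sample showing the risky shape from the September 22, 2010 note:
# anonymous account present, neither DENY_LOGIN nor ROOTDIR set.
SAMPLE_CONF = '''
global {
  PORT="21"
  PASSIVE_PORTS="40000-40100"
  SHOW_HIDDEN_FILES="no"
}
user ftp {
  # anonymous account with neither DENY_LOGIN nor ROOTDIR set
  MOTD="Welcome %u, your home is %h"
}
'''

BLOCK_RE = re.compile(r'(global|user\s+(\S+))\s*\{([^}]*)\}', re.S)
KV_RE = re.compile(r'^\s*([A-Z_]+)\s*=\s*"([^"]*)"', re.M)


def parse_conf(text):
    """Return {'global': {...}, 'user:NAME': {...}} with # comments stripped."""
    text = re.sub(r'#.*', '', text)
    blocks = {}
    for m in BLOCK_RE.finditer(text):
        name = 'global' if m.group(1) == 'global' else 'user:' + m.group(2)
        blocks[name] = dict(KV_RE.findall(m.group(3)))
    return blocks


def passive_range(conf):
    """Parse PASSIVE_PORTS="low-high"; None if unset, malformed or inverted."""
    val = conf.get('global', {}).get('PASSIVE_PORTS')
    if not val:
        return None
    m = re.fullmatch(r'(\d+)-(\d+)', val.strip())
    if not m:
        return None
    low, high = int(m.group(1)), int(m.group(2))
    return (low, high) if 1 <= low <= high <= 65535 else None


def audit(conf, anon_user='ftp'):
    """Return a list of findings; an empty list means both checks pass."""
    findings = []
    anon = conf.get('user:' + anon_user)
    if anon is not None:
        denied = anon.get('DENY_LOGIN', '').strip().lower() not in ('', 'no')
        if not denied and not anon.get('ROOTDIR'):
            findings.append(f'user {anon_user}: neither DENY_LOGIN nor ROOTDIR set')
    if passive_range(conf) is None:
        findings.append('global: PASSIVE_PORTS missing or not a valid low-high range')
    return findings


if __name__ == '__main__':
    for line in audit(parse_conf(SAMPLE_CONF)) or ['no findings']:
        print(line)
```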
September 4, 2010: New stable release.
This new release, 3.0, contains our corrected documentation and the new Slovak documentation. There were no code changes between 2.9 and 3.0.
August 30, 2010: Added Slovak documentation.
Dusan kindly submitted a translation of the Bftpd documentation in the Slovak language. You can find a copy of the new pages on the Documents page. The next source release of Bftpd will also include the new translation.
July 7, 2010: Documentation update.
Updated the documentation on the website to fix broken links. The documentation now includes a section on configuration options. Thanks to Xiang for pointing out the page was missing.
June 2, 2010: Anonymous login bug fix.
A bug was found in the way bftpd handles anonymous logins. When an anonymous user connects, the ROOTDIR option in the configuration file was being ignored. The new release, 2.9, corrects this problem. Thanks to Paul Laufer for reporting this issue.
This release also fixes an issue where the bftpd log file would get erased on Ubuntu during a reboot of the system.
May 25, 2010: PC-BSD support
I am happy to announce that, with the help of PC-BSD founder Kris Moore, we're now able to offer one-click install files for PC-BSD users. The PBI package can be found here. Please test it and let us know how it works. All going well we hope to see Bftpd offered through PC-BSD's package manager soon. For those of you on FreeBSD, the bftpd server is offered through their Ports collection.
April 19, 2010: New release
The 2.8 release brings a lot of improvements and bug fixes to Bftpd.
There were some cases where the user config options might not be read properly, depending on how Bftpd was compiled. This has been fixed so options should always be read.
Anonymous logins have been fixed. This broke a few releases back and it's been corrected. We have also disabled anonymous logins by default. You can allow anonymous logins in the configuration file.
If several Bftpd sessions all die at once, the system will now clean up the zombie processes.
The "list" command now recognizes the "-a" parameter, allowing clients to see hidden files. This function only works if the administrator has turned on the configuration file option SHOW_HIDDEN_FILES.
The search function has been updated, allowing users to see symbolic links, even if those links are broken. For this feature to work, the configuration file option SHOW_NONREADABLE_FILES must be turned on.
Many thanks to Raster who contributed most of the improvements for this release. Also thanks to Oliver Metz for reporting bugs.
In short, we've fixed a few things, tried to make the system more secure out of the box and added some optional functionality. Please see the contact page if you would like to report a problem.
March 28, 2010: Stable release
This release, 2.7, fixes an issue where an FTP client would attempt to delete a directory on the server. The server would previously send back the same error regardless of whether the directory was full or the client did not have permission to delete it. This would confuse some clients. Thanks to Raster for providing this patch.
This release also clears up some compiler warnings from gcc 4.4.1.
October 19, 2009: Stable release
This release of version 2.6 fixes a few minor bugs with the bandwidth logging feature introduced in 2.5. Primarily it makes sure bandwidth is logged even if the client does not disconnect cleanly.
October 9, 2009: Stable release
This release, version 2.5, contains two new features. It improves UTF-8 support with programs such as Filezilla. The server also provides the option to log bandwidth usage on a per user basis. The option to enable bandwidth logging is called BANDWIDTH and can be found in the bftpd config file. The README file has also been updated to include a few awk scripts to assist with getting data from the bandwidth logs.
September 2, 2009: Stable release.
This release, version 2.4, fixes one security bug which could have led to a denial of service attack. Administrators are advised to upgrade at their earliest convenience.
Many thanks to Dazhi for reporting this issue.
October 5, 2008: Stable release.
Since no new bugs were reported from the development release, I'm going to repackage Bftpd as a stable release. This is the same code as bftpd-2.2.1, so those of you who follow the development packages have no need to upgrade. For people who stick to stable releases, this is for you.
September 16, 2008: Minor bug fix.
This development release is to test a small patch, provided by Ivan, which prevents problems when bftpd is launched by some daemon processes. I foresee no problems, but I'm putting this out as a development release for now.
June 22, 2008: New Website
Daniel Zilli was kind enough to volunteer to redesign the Bftpd website. I'm very happy with this change and I hope that our visitors feel the same.
March 21, 2008: Stable release Bftpd-2.2
This release brings one small change over the previous development releases. Bftpd will not close connections when a client sends an incorrect username/password combination. Connections are closed if the server is full or the system is configured to deny logins.
February 25, 2008: Development release Bftpd-2.1.2
This update introduces a few small, handy features to bftpd. The first is that bftpd prompts for a password, even if the user is logging in as anonymous. This is to increase compatibility with various web browsers that expect the prompt.
The second change is that the User's MOTD variable in bftpd's config file can use two symbols (%u and %h) to represent the user's username and home directory.
A new option was added to the config file called SHOW_NONREADABLE_FILES which toggles whether files which cannot be read are listed to the client.
Some work was done to make bftpd's string handling more secure, specifically in the replace() function.
Many thanks to Eric Woltermann who provided patches and much assistance in driving this release forward.