publish-ftpd is a non-anonymous read-only FTP and HTTP server written in Perl. It requires no external programs other than a few standard Perl modules loaded at startup, and no configuration files other than the binary password and MIME-types files created by publish-ftpd-maint, its companion maintenance program.
It is designed to be run from xinetd, or in a pinch inetd, which must be configured to specify the port on which publish-ftpd runs. Xinetd can also control such things as the username and group used to run publish-ftpd (which must not be the root user), the IP addresses of valid client hosts, the maximum number of simultaneous instances of publish-ftpd either overall or per-client IP address, and the times of day when access is permitted. Therefore, publish-ftpd does not provide configuration options for any of these things.
Each user is assigned a home directory, and can only access files and subdirectories within the home directory, known collectively as the home tree. The home directory appears to the user to be the root directory. Typically every user will have a separate home tree, but this is not required. The user cannot do anything to modify the home tree; neither FTP PUT nor FTP MKDIR nor HTTP POST is supported. Symbolic links can point out of the home tree; this can be considered a bug or a feature.
It is essential that the local username running publish-ftpd has read access to all the files and execute access to all the directories in all the home trees. Unreadable files and directories will be invisible to clients. However, a readable file in an unreadable directory can be fetched by a client if its pathname is known. Clients cannot tell the difference between an actual file or directory and a symbolic link to one; attempting to use .. to move upward from a directory outside the home tree will be ineffective.