[svlug] how to allow a user to ftp but not login?

Joey Hess joey at kitenet.net
Thu Jul 6 21:43:23 PDT 2000

Previous message: [svlug] how to allow a user to ftp but not login?
Next message: [svlug] how to allow a user to ftp but not login?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rick Moen wrote:
> Well, I will correct the ftp-daemons file accordingly, then.  If you
> hear of security audits, that would also be of interest (though not,
> alas, conclusive).

http://www.proftpd.net/security.html

  ProFTPD has had a reasonably complete audit of its code internally.
  As with all audits, they are only as good as the people auditing the
  code, and subject to human error. However, several potential
  vulnerabilities were located and addressed long before they could become
  full-blown exploits.

> My _own_ problem with ProFTPd, one which _is_ a design issue, is that
> I consider the codebase over-featured, and thus a priori suspect for
> security problems.

Valid enough.

-- 
see shy jo, just back from a security audit of his own.. advisory next week :-P

Previous message: [svlug] how to allow a user to ftp but not login?
Next message: [svlug] how to allow a user to ftp but not login?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list