Quote:>Look into the command "chroot" which will prevent FTP users from seeing
>anything else. There is a FAQ on this somehwere. Just search the net
>for "chroot ftp"
Even better consult wu-ftpds documentation about guest ftp
access. While you are about it make sure you have a *very* recent
version, without the realpath buffer overrun support included (root
exploit avialable). All vesion of RH 5.x and most other distibutions
are vulnerable unless you have installed their fixes (or got the latest
source, checked realpath.c is fixed, and replaced the binary).
I can confirm guest ftp access works as advertised and keeps those
users inside whatever playpen you decided was appropiate. (In
particular my playpen stops people from fetching /etc/inetd.conf and
therefore from knowledge of which ports offer real services instead
of connecting them to klaxon).
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."