Proftpd question

Joseph C. Lininger jbahm at pcdesk.net
Fri Jul 16 10:39:22 EDT 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Well, form a security stand point, running an ftp server in and of 
itself is not a security concern. However, make sure to keep up to date 
with patches and stuff for any servers you run, be it ftp or otherwise. 
This way, people are not able to take advantage of the latest in 
security holes to compromize your system. Also, you'll want the 
anonymous stuff to be configured so that people can't write to it, and 
you want to lock users in to the directory where the files are located 
via chroot. Proftpd does the chroot thing by default, and simply setting 
the correct permitions should accomplish the read-only thing.

- -- 
Joseph C. Lininger
jbahm at pcdesk.net
Note, the following is used for automated processing. Please lieve in 
tact if quoting me in a reply.
Verification: 5eab38a77ac40416e075be8f50607ff7

On Fri, 16 Jul 2004, Jayson Smith wrote:

> Hi,
> Got it working.  I just moved the files to /home/ftp and made a symlink in
> /var/www.  Is it ok from a security standpoint to open up ftp to the outside
> world?  I have an unofficial mirror of the unofficial Dectalk archive, an
> archive of Dectalk as well as several other synths singing, performing
> skits, and all sorts of other weirdness.  Would it be ok to allow the
> outside world to access this via ftp?  They can already access it via http.
> Jayson.
> 
> ----- Original Message -----
> From: "Joseph C. Lininger" <
> jbahm at pcdesk.net>
> 
> To: "Jayson Smith" <
> ratguy at bellsouth.net>
> 
> Sent: Friday, July 16, 2004 1:22 AM
> Subject: Re: Proftpd question
> 
> > Well, that depends. If the allow symlinks option is set in apache, then
> this will work. . I assume you are trying to access these files in /var/www
> via anonymous ftp right? I can't remember what your doing now. If you are
> trying to do this, why not set the anonymous account to access /var/www. If
> you did that, the chroot would be to that directory and you wouldn't have a
> problem.
> >
> > --
> > Joseph C. Lininger
> >
> jbahm at pcdesk.net
> > Note, the following is used for automated processing. Please lieve in
> > tact if quoting me in a reply.
> > Verification: 5eab38a77ac40416e075be8f50607ff7
> >
> 
> 
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA9+imJ6dqn0mqPbARAta5AKCWfTqcHk65fsbKzIHB1G3dJ/8BZwCcDjOI
INGB7EA4vnk9UNJSP9ff/V8=
=Q6n6
-----END PGP SIGNATURE-----

More information about the Speakup mailing list