[linux-elitists] pop/ftp and shell
Wed Mar 29 18:15:43 PST 2000
Quoting Don Marti Uses GIFs on the Sly (email@example.com):
> If somebody can ftp in a new .ssh/authorized_keys, they can log in
> without knowing the password for the shell account. Make sure the
> ftp accounts only have access to an area where they can't screw up
> the system.
_Damned_ good point. I'm very glad you mentioned that.
So, we make the ftpd chroot users to ~/ftptemp ? ~/public_html ?
Cheers, "By reading this sentence, you agree to be bound by the
Rick Moen terms of the Internet Protocol, version 4, or, at your
rick (at) linuxmafia.com option, any later version." -- Seth David Schoen
More information about the linux-elitists