[linux-elitists] pop/ftp and shell

Don Marti dmarti@zgp.org
Wed Mar 29 18:30:43 PST 2000


On Wed, Mar 29, 2000 at 06:15:43PM -0800, Rick Moen wrote:

> So, we make the ftpd chroot users to ~/ftptemp ?  ~/public_html ?

Depends on how resistant to nuisance vandalism you want the account 
to be. 

If you make it ~/public_html, anyone who sniffs the ftp password can
vandalize users' web sites or post warez (up to the user's quota, which
I'm assuming you'd make pretty strict.)  If you make it a different
directory, the user has to log in and move files to make stuff visible
on the web. It's a tradeoff between security and convenience, like many
things.

-- 
Don Marti                Join the Great American GAS OUT.  Do not buy
dmarti@zgp.org            any gas from April 7, 2000 to April 7, 2002 
http://zgp.org/~dmarti/         
whois DM683      Except gas for burning GIFs: http://burnallgifs.org/




More information about the linux-elitists mailing list