Re: ftp daemon
Lawrence Walton <lawrence@otak-k.com> writes:
> Oh? I am running two FTP servers with the 2.1.12* kernels... what is the
> security feature?
[snip]
> auth.log:Nov 16 12:53:28 ns proftpd[29299]: module linuxprivs: capabilities '= cap_net_bind_service+ep'
I'm not especially familiar with what's involved. In this case, I
would guess it lets proftpd use reserved ports (like 20 and 21,
ftp-data and ftp-control) without needing to be root.
This means that if there's any bug somewhere in proftpd, there's no
straightforward way to get root access to the box.
--
Carey Evans http://home.clear.net.nz/pages/c.evans/
"Is there anyone who actually believes that USAicans are so modest or
intellectually honest as to be unable to find someone to sue?" - Cameron Laird
Reply to: