Re: wu-ftpd-2.4.2.16-12 security problem
thats not a security problem. its how its supposed to behave.
if u dont want users chrooted to /home/username, that is, they can only go
to as high as /home/username, read on re giving users "guestgroup" access in
wu-ftpd docs, and then change their respective enreies in /etc/passwd so that
when theyll log in to ftp, they'll be chrooted to /home/username ...
example, for /etc/passwd:
user:x:1023:1100:user,,,:/home/user/./:/usr/bin/ascriptiwrote
^^^^^^^^^^^^^
this is his chrooted dir
also, try reading man chroot
AFAIK,
Chad
On Tue, May 18, 1999 at 01:00:15PM +0000, Shao Zhang wrote:
> Hi,
> I just found that this version of the wu-ftpd allows any user do a cd /
> And then all users can see the / directory on the system.
>
> How do I stop this? I only want them to see /home/username.
>
> Thanks.
>
>
> Shao.
>
> --
> ____________________________________________________________________________
> Shao Zhang - Running Debian 2.1 ___ _ _____
> Department of Communications / __| |_ __ _ ___ |_ / |_ __ _ _ _ __ _
> University of New South Wales \__ \ ' \/ _` / _ \ / /| ' \/ _` | ' \/ _` |
> Sydney, Australia |___/_||_\__,_\___/ /___|_||_\__,_|_||_\__, |
> Email: shao@cia.com.au |___/
> _____________________________________________________________________________
>
>
> --
> Unsubscribe? mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null
>
Reply to: