Re: Which UID to run ProFTPD under for anon access?

[aphro <nate@firetrail.com>]

On Wed, 10 Nov 1999, Ralf G. R. Bergs wrote:

rabe >Hi there,

hello!

rabe >Should I create a user "ftp," or what else should I do to make things as safe 
rabe >as possible?
rabe >

1) don't use proftpd. 2) use the stock ftpd taht comes with debian.  if
you must use proftpd(again, strong urges NOT to use it) edit
/etc/proftpd.conf and you will see something like this, make sure it is
uncommented

<Anonymous ~ftp>
  User                          ftp
  Group                         nogroup
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp

change user/group accordingly to what u got and make sure the directory
exists (which is the ~ftp part inside <Anonymous ~ftp>, and restart
proftpd. provided the user/group and directory exists it should work.

proftpd has had a rash of security problems recently and im willing to be
this is just the beginning.  if you value security dont use it. or use one
of the REAL old ones that were supposed to be secure(not the 1.2.x series)

nate

----------------------------------------[mailto:aphro@aphroland.org ]--
   Vice President Network Operations       http://www.firetrail.com/
  Firetrail Internet Services Limited      http://www.aphroland.org/
       Everett, WA 425-348-7336            http://www.linuxpowered.net/
            Powered By:                    http://comedy.aphroland.org/
    Debian 2.1 Linux 2.0.36 SMP            http://yahoo.aphroland.org/
-----------------------------------------[mailto:aphro@netquest.net ]--
2:18pm up 83 days, 1:48, 2 users, load average: 1.46, 1.56, 1.55