[plug] ftpd query
Christian
christian at global.net.au
Wed Jun 9 10:41:42 WST 1999
Matt Kemner wrote:
>
> On Wed, 9 Jun 1999, David Campbell wrote:
>
> > This could create more holes since the anonymous ftp account runs in
> > a "chroot" (eg: limited view only the account directory). There is a
> > list of things that need to be done for setting up an anonymous ftp
> > account properly - more than I can remember.
>
> > Anonymous FTP should be more secure than
> > standard FTP since you use chroot to put the blinkers on
>
> You can do one better and create a "guest" FTP account.
> guest FTP accounts are just like anonymous accounts in that they are
> chroot'd, but they also need a password to access the information.
> P.S. I believe proftpd is a LOT easier to set up for anonymous/guest
> accounts, but have never played with it.
I think David Campbell's suggestion of using Samba is probably the best
idea here although the FTP option is certainly workable. As for using
anonymous FTP, this isn't really a problem unless you want to prevent
people (who aren't authorised) downloading the files (and if they're
anti-virus signatures which are publicly available then this probably
wouldn't be a problem). Personally I wouldn't use any method which
creates another enabled account on your machine, especially if that
involves giving the password for this account to more than one person.
A properly secured anonymous FTP would be a much better alternative.
More information about the plug
mailing list