[plug] ftpd query
Matt Kemner
zombie at networx.net.au
Wed Jun 9 10:52:46 WST 1999
On Wed, 9 Jun 1999, Christian wrote:
> Personally I wouldn't use any method which
> creates another enabled account on your machine, especially if that
> involves giving the password for this account to more than one person.
> A properly secured anonymous FTP would be a much better alternative.
But the anonymous account is "another enabled account on your machine"
where everybody in the world has the password.
I prefer to delete the anonymous account (user "ftp") and create a
passworded guest account instead. The guest account has no more access to
your system than the ftp account does.
> In general when people try and develop their own "homebrew" solution to
> making something they need done more secure they end up opening a whole
> host of new potential security problems.
That is very true, but the method I posted here, although complicated, was
not at all homebrew - it is _the_ method of setting up guest accounts,
which ftpd has supported for many years. I just posted it here because I
remember when I first set it up I had trouble finding the information, and
thought someone might find it useful.
I agree that Samba might be the best option for the virus signatures.
- Matt
More information about the plug
mailing list