Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Aug 1996 10:50:41 -0500
From:      Joe Nieten <>
Subject:   ftpd security problem
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help
How can I prevent a user from roaming all over my system through ftp?  I
thought ftpd did a change root to keep users from getting out of their own
directories. The user is put in their home directory initially ... however
cd /etc puts them in that directory and downloading the password file is
only a key stroke away.

I just had a user that got ahold of my password file and sold the user ids
to a marketing company and now we are getting bombarded with unsolicited
e-mail.  I've eliminated the user ... :) ... but the problem still remains.

Thanks for any advice.

Want to link to this message? Use this URL: <>