Date: Thu, 22 Aug 1996 10:50:41 -0500 From: Joe Nieten <jln@vhm.com> To: questions@freebsd.org Subject: ftpd security problem Message-ID: <2.2.32.19960822155041.00696d24@mailman.vhm.com>
next in thread | raw e-mail | index | archive | help
How can I prevent a user from roaming all over my system through ftp? I thought ftpd did a change root to keep users from getting out of their own directories. The user is put in their home directory initially ... however cd /etc puts them in that directory and downloading the password file is only a key stroke away. I just had a user that got ahold of my password file and sold the user ids to a marketing company and now we are getting bombarded with unsolicited e-mail. I've eliminated the user ... :) ... but the problem still remains. Thanks for any advice. Joe
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2.2.32.19960822155041.00696d24>