Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Aug 1996 10:50:41 -0500
From:      Joe Nieten <jln@vhm.com>
To:        questions@freebsd.org
Subject:   ftpd security problem
Message-ID:  <2.2.32.19960822155041.00696d24@mailman.vhm.com>

Next in thread | Raw E-Mail | Index | Archive | Help
How can I prevent a user from roaming all over my system through ftp?  I
thought ftpd did a change root to keep users from getting out of their own
directories. The user is put in their home directory initially ... however
cd /etc puts them in that directory and downloading the password file is
only a key stroke away.

I just had a user that got ahold of my password file and sold the user ids
to a marketing company and now we are getting bombarded with unsolicited
e-mail.  I've eliminated the user ... :) ... but the problem still remains.


Thanks for any advice.
Joe




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?2.2.32.19960822155041.00696d24>