[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Tiger-user] check_anonftp
From: |
Javier Fernández-Sanguino Peña |
Subject: |
Re: [Tiger-user] check_anonftp |
Date: |
Wed, 6 Nov 2002 20:58:00 +0100 |
User-agent: |
Mutt/1.3.28i |
On Wed, Nov 06, 2002 at 08:44:10AM -0800, Bob Hall wrote:
> At release 2.2.4, it appears that the check_anonftp script prints a
> warning whenever a directory is owned by 'ftp' and is
> user-writeable. It also prints a warning if a directory is not
> owned by ftp, but is writable by ftp. However some implementations
Yes, because even if it's now owned, Tiger assumes that the ftpd
server will run as 'ftp' (which might not be the case BTW). This could
also be an option (user the FTP server runs as).
> of anonymous ftp I've seen allow for an upload directory to be
> owned by ftp and writable by ftp. On NetBSD this is ~ftp/incoming.
> On HP-UX it is ~ftp/pub.
Yes. This is correct. Most ftp implementations I know of support
writable directories under the ~ftp.
>
> Does the script need to have a variable that specifies an upload
> directory that will allow ftp write privileges?
Umm.. That could probably be a good addition. I will try to
implement it.
Also, BTW, check the script, there is something that could be
improved in it to (not use /etc/passwd but use the gen_passwd code to
determine if the 'ftp' user exists). Care to send me a patch? :)
Regards (and thansk a lot for your input)
Javi
pgpdX12yG8TEn.pgp
Description: PGP signature