From owner-freebsd-security Thu Jan 4 8:16:56 2001 From owner-freebsd-security@FreeBSD.ORG Thu Jan 4 08:16:53 2001 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.colltech.com (ausproxy.colltech.com [208.229.236.19]) by hub.freebsd.org (Postfix) with ESMTP id D8C5B37B400 for ; Thu, 4 Jan 2001 08:16:52 -0800 (PST) Received: from mail2.colltech.com (mail2.colltech.com [208.229.236.41]) by mx1.colltech.com (8.9.3/8.9.3/not) with ESMTP id KAA01257; Thu, 4 Jan 2001 10:16:52 -0600 Received: from colltech.com (dhcp5212.wdc.colltech.com [10.20.5.212]) by mail2.colltech.com (8.9.3/8.9.3/not) with ESMTP id KAA23006; Thu, 4 Jan 2001 10:16:50 -0600 Message-ID: <3A54A1F4.1B090FF9@colltech.com> Date: Thu, 04 Jan 2001 11:16:52 -0500 From: Daniel Hagan X-Mailer: Mozilla 4.72 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: Garrett Wollman Cc: "Portwood, Jason" , "'freebsd-security@FreeBSD.ORG'" Subject: Re: ftpd and anonymous setup References: <6381A6A8826BD31199500090279CAFBA24F41A@exchange.strategicit.net> <200101041532.KAA59487@khavrinen.lcs.mit.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org There's a flag (-r) that already defines a read-only mode. It could be used for the anonymous account to prevent fs mods (I guess?). I'm messing around w/ ftpd for the chroot stuff mentioned earlier, so I'll try to take a look sometime and see what I can find out. Daniel Garrett Wollman wrote: > > < said: > > > I chose 773 to allow someone to be assigned to the group to control the > > contents of that > > directory. > > > That will allow files to be uploaded and not be viewable. > > Doesn't help -- the WaReZ d00dz are perfectly capable of telling their > 31337 co-conspirators the name under which they have uploaded the > file. > > The only solution is an ftpd configuration option (like in wuftpd) > which creates files under a different user id and a mode which is not > readable by the kiddies. > > A useful addition to ftpd would be an option to disable all operations > which would modify the filesystem. > > -GAWollman > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message