From owner-freebsd-security Fri Feb 2 12:23: 9 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.wlcg.com (mail.wlcg.com [207.226.17.4]) by hub.freebsd.org (Postfix) with ESMTP id 9633A37B491 for ; Fri, 2 Feb 2001 12:22:45 -0800 (PST) Received: from localhost (rsimmons@localhost) by mail.wlcg.com (8.11.1/8.11.1) with ESMTP id f12KMuP43138; Fri, 2 Feb 2001 15:22:56 -0500 (EST) (envelope-from rsimmons@wlcg.com) Date: Fri, 2 Feb 2001 15:22:56 -0500 (EST) From: Rob Simmons To: Will Mitayai Keeso Rowe Cc: Benjamin Ossei , jeff , security@FreeBSD.ORG Subject: RE: ftp In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I wouldn't use wu-ftp if I were you. It has a history of nasty remote exploits. Robert Simmons Systems Administrator http://www.wlcg.com/ On Fri, 2 Feb 2001, Will Mitayai Keeso Rowe wrote: > Another way is to use wu-ftpd, and "man ftpaccess" > > > :-----Original Message----- > :From: owner-freebsd-security@FreeBSD.ORG > :[mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Rob Simmons > :Sent: February 2, 2001 15:03 PM > :To: Benjamin Ossei > :Cc: jeff; security@FreeBSD.ORG > :Subject: Re: ftp > : > : > :No, they can go into other people's directories by default. The default > :umask on FreeBSD is 022, which means that all users files > :(with certain exceptions like .rhosts and others) are 644 and directories > :are 755. Both of which are world readable. I typically change the umask > :for my account to 027, that way others in the wheel group can see files I > :create, but others cannot. > : > :For more information on the way modes work, you should read the chmod and > :umask man pages. > : > :Robert Simmons > :Systems Administrator > :http://www.wlcg.com/ > : > :On Fri, 2 Feb 2001, Benjamin Ossei wrote: > : > :> By default every user has rights to their own home directory. > :Unless the server isn't set correctly. Also if they happen to > :browse, they shouldn't be able to go into anyone elses directory. > :> > :> --- Rob Simmons > :> > wrote: > :> >???? The server is what governs where the user can browse. > :Read the man > :> >page for ftpd, you will find that the /etc/ftpchroot controls what users > :> >are restricted to thier home directory. > :> > > :> >Robert Simmons > :> >Systems Administrator > :> >http://www.wlcg.com/ > :> > > :> >On Fri, 2 Feb 2001, jeff wrote: > :> > > :> >> Im looking for a ftp client that will keep the user in there > :home dir a lot of the new ftp software is letting users browse the > :server's other dirs any scripts I can use that would handel this issuse > :> >> > :> >> Jeff Gray cfm > :> >> > :> >> > :> > > :> > > :> > > :> >To Unsubscribe: send mail to majordomo@FreeBSD.org > :> >with "unsubscribe freebsd-security" in the body of the message > :> > :> _____________________________________________________________ > :> ========GET YOUR FREE E-MAIL============ > :> http://freemail.cahostnet.net > :> Web Hosting http://www.cahostnet.com > :> > : > : > : > :To Unsubscribe: send mail to majordomo@FreeBSD.org > :with "unsubscribe freebsd-security" in the body of the message > : > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message