[Gllug] ftp listing
Mark Lowes
hamster at korenwolf.net
Tue Nov 12 14:41:30 UTC 2002
On Tue, 2002-11-12 at 14:22, Jason Clifford wrote:
> On 12 Nov 2002, Mark Lowes wrote:
>
> > > Only because many execute /bin/ls or a copy of it.
> > > Those that are built to be secure have the required set of functions built
> > > in and do not call external binaries for such tasks.
> >
> > I know, proftpd.org.
>
> The only time I ever tried proftpd it was rooted in less than 2 hours.
Problems which have long since been fixed.
[...]
> It was the only service running on the server (fortunately a test box with
> nothing important installed at that point). so nothing was really lost
> except my faith in proftpd. We reported it to the maintainers but they
> refused to believe that it was possible.
How long ago was this? I'd be suprised if it's in the recent past.
> I am now using vsftpd. Not only is it blisteringly fast but I trust it's
> author to have a responsible attitude towards security issues.
The current development / core team take security seriously as should be
apparent by the lack of bugtraq issues.
--
The Flying Hamster <hamster at korenwolf.net>
http://www.korenwolf.net/
IRISH DIPLOMACY: The ability to tell a man to go to Hell in such a way
that he looks forward to the trip.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list