[Gllug] Re: [GLUG] Secure FTP Server
rich at annexia.org
rich at annexia.org
Thu Feb 27 11:47:31 UTC 2003
On Wed, Feb 26, 2003 at 10:57:00PM +0200, Dale wrote:
> Hi Neil
>
> > Can anyone recommend a stable secure FTP server?
>
> If these 2 requirements are top of your list and you only want to give
> anonymous access, then use publicfile by Dan Bernstein:
>
> http://cr.yp.to/publicfile/publicfile-0.52.tar.gz
>
> The guys from http://www.hackinglinuxexposed.com/ endorse it too ;-)
> They also include their own HowTo.
>
> You'll also need ucsp-tcp and daemontools from cr.yp.to
There are two real issues with Bernstein's programs.
(1) They're not open source. There are all sorts of strange
limitations on how you can redistribute them and this has a measurable
chilling effect on the communities around them (esp. the qmail
community).
(2) They're not "Unix". They don't fit in well with the Unix tradition
and certainly not with concrete standards like the FHS. eg. Log files
end up under /etc, the coding style is nothing short of peculiar,
requires all sorts of non-standard tools to install and run.
With a bit of effort it's possible to set up a very secure
Net::FTPServer implementation where the server runs chrooted into a
directory with no access to any files at all (not even read access),
and setuid to a user with no file access. The files that you want to
serve are stored in a PostgreSQL database. Multiple users are
authenticated against a database 'users' table. And you can flexibly
configure which user can read/write which "file" from the database,
basically limited by your ability to write Perl. All of the above with
real GPL/Artistic/BSD licensed software.
Rich.
--
Richard Jones, Red Hat Inc. (London, UK) http://www.redhat.com/software/ccm
http://www.annexia.org/ Freshmeat projects: http://freshmeat.net/users/rwmj
PTHRLIB is a library for writing small, efficient and fast servers in C.
HTTP, CGI, DBI, lightweight threads: http://www.annexia.org/freeware/pthrlib/
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list