| Michael F. Robbins on Sat, 6 Apr 2002 08:17:13 -0500 |
|
On Sat, 2002-04-06 at 04:25, Toby DiPasquale wrote: > just fine, however, people can still browse to the $FTPROOT/dev and > $FTPROOT/etc directories and all that. Does anyone know what I have to > configure to stop that? Any conf files I missed? I can't seem to find info It mostly depends on the FTP server that you use. WU-FTPD is the default for a bunch of distros, and I'm pretty sure that you really do need to have a /dev and /etc directory in the ftproot. I've more often used ProFTPD, where those directories don't exist. But it's a security tradeoff: the presence of the $FTPROOT/etc and $FTPROOT/dev and bin probably indicates that you're using a chrooted FTP daemon, which is a good extra layer of security. So really, I don't think that anything in those directories could really be a problem. In fact, it's more of a sign that you *do* have your FTP server locked in a chroot jail. Michael F. Robbins mike@gamerack.com Attachment:
signature.asc
|
|