oh, ic
in what I'm thinking now it's clear now that running proftpd is better than wu-ftpd
because I see that proftpd ran as non-root user
thank you very much
On Sun, Jun 02, 2002 at 10:59:10PM +1000, Greg Wright wrote:
>
>
> *********** REPLY SEPARATOR ***********
>
> On 2/06/2002 at 1:18 PM Lewi ichtus mbone petra ac id
> [gregausit/redhat-list] wrote:
>
> >talking about wu-ftpd, I know that anonymous user in wuftpd release by
> >red hat using chroot env,
> >is this meant that, even I ran wu-ftpd in chroot, still can't protect your
> >system.
> >
> >so what the chroot really used for??
> >I have read Securing Red Hat by Gerhard, in his book he still using
> >wu-ftpd in chroot environment
> >
> >need for explanation, please
> >I'm really confusing :(
> >
>
> I setup wu years back to run users chrooted, I am not sure what is in 7.3,
> but chrooting for wu is usually related to the user or group being chrooted
> or jailed so they cannot leave a directory, it does not offer any
> protection from say a known buffer overload.
>
> If the wu daemon is run as a non priveledged user and chrooted, then this
> would be a setup that offers security for the system and not for protection
> agains users browsing to a directory where they could read your secret
> files....
>
> Hope that clarifies the basics or principle idea.
>
>
>
> Regards
>
> Greg Wright
> --
>
> IT Consultant Sydney Australia PH 0418 292020 -- Int. +61 418 292020
> Available for Global Contracts US Fax -- 801 740 2874
> Web http://www.ausit.com E-mail Greg AT AusIT.com
> Trading As - AAA Computers -- providers of IT services.
>
>
>
> _______________________________________________
> Redhat-list mailing list
> Redhat-list redhat com
> https://listman.redhat.com/mailman/listinfo/redhat-list
--
ichtus
------
Lewi Supranata .K
ICQ: 50643061
Homepage : http://mercury7.petra.ac.id/~ichtus
---> http://www.petra.ac.id:8080/~ichtus/ <---
GnuPG Public Key : http://mercury7.petra.ac.id/~ichtus/ichtus-keys
Attachment:
pgp00001.pgp
Description: PGP signature