Curt Sampson writes:
> The following is a set of diffs I'm proposing to apply to our FTP
> daemon in order to make anonymous uploads more secure (i.e., less
> open to abuse).
> 
> It does the following:
> 
> * Sets the default umask for anonymous users to 707, thus clearing
>   out all but group read/write/execute access on uploaded files.

I feel uncomfortable depending on the group stuff to protect
permissioning. I'd very strongly prefer 777. If it becomes a
management headache, the people running the ftp account can always
build a cron job that moves incoming files into an examination area
and changes the protection to something reasonable.

> * Disables the umask, chmod, delete and rmdir commands for anonymous
>   users.

Very good, but you should also prohibit directory creation as well.

Perry