Subject: Re: Securing Anonymous FTP Uploads
To: Johan Danielsson <firstname.lastname@example.org>
From: Curt Sampson <email@example.com>
Date: 03/28/1997 21:10:28
On 28 Mar 1997, Johan Danielsson wrote:
> > * Disables the umask, chmod, delete and rmdir commands for anonymous
> > users.
> Yes, and mkdir should not be disabled. It makes it a lot easier if
> R. Luser can put his gazillion different files in one directory.
Not much point to this, since with a umask of 707 or 777, he won't
be able to put anything into that directory, or even cd to it.
> Furthermore, anonymous users has restrictions on the filenames they
> may create.
I have no wish to put this in at all. Since the files can't be
downloaded anyway, there's not much point in adding code like this.
> I thought is was more elegant to add an `check_login_no_guest' and
> just change the relevant commands.
This is an excellent idea, and I've implemented it. Thanks.
Curt Sampson firstname.lastname@example.org Info at http://www.portal.ca/
Internet Portal Services, Inc. `And malt does more than Milton can
Vancouver, BC (604) 257-9400 To justify God's ways to man.'