This is the mail archive of the cygwin@sourceware.cygnus.com mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

ftpd + Win98 = security hole

To: cygwin at sourceware dot cygnus dot com
Subject: ftpd + Win98 = security hole
From: "Tom Weichmann" <tomcw at localnet dot com>
Date: Tue, 23 May 2000 02:33:32 -0700
Reply-to: tomcw at localnet dot com

I have noticed that when running ftpd from inetd, anyone can log in 
via anonymous ftp.  Usually the ftpd will chroot to /home/ftp for an 
anonymous login, but under win98 chroot does not work.  This 
leaves user anonymous with read, write, execute, delete access to 
your whole machine.  I tried adding user ftp to /etc/ftpusers, but 
this did not prevent the login.  Is there any way to disable 
anonymous logins via ftpd?

Thanks,

Tom Weichmann

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com

Follow-Ups:
- Re: ftpd + Win98 = security hole
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]