Thanks for the replies about ~ftp/passwd files.
To summarise it looks like I have at least 2 choices:
1) try to customize the WUarchive version of FTPD to run a little
neater under a chrooted environment created by TIS netacl (e.g. there's
a few PATH defs in the tools that assume the ftpcount & ftpshut
are running from the same root point as the ftpd).
I don't think I'd do the second chroot for anonymous users to a seperate area.
(simply by having the ftp entry something like ftp:*:x:x:/:/bin/noshell)
I would then use mjr's code as a basis for stopping access to ~ftp/etc/passwd
(remembering that this file IS actually used by the WU FTPD for ftp USER
commands)
I also quite like the suggestion of sending a spoof file quietly.
2) Use the TIS shipped FTPD together with AUTHD to give me the chrooted
environment I want, and try to add in some of the features I like about
the WU FTPD that way.
This seems the most flexible approach, as a lot of the options I want
are to do with access, which I can implement in Authd & Netacl without
me screwing up the rather larger FTPD code.
e.g. There's no need for the 'class' features of WU FTPD, as you can
simply start up a totally different version of the daemon from Netacl.
I do not think I will attempt the Network Flamethrower suggested by
Michael Nittman. I may burn myself accidentally.
Comments anyone?
Of course all this is IMVHO. ;-)
______________________RHUNTER @
ESOC .
BITNET________________________
Ray Hunter: Cray Systems on contract to the European Space Agency
Tel. +49 6151 902953 FAX.+49 6151 902908
Room B107, ESOC, Robert Bosch Strasse 5, 64293 DARMSTADT, Germany
|
|
