B!n@ry,
Quote:
|
a good start nixCraft, only that unfortunetly the vsftpd has lots of exploits vs to pure-ftpd.
|
I don't think so, it is totally true. Look at ftp.openbsd.org , ftp.redhat.com and there are 100s of public ftp server out there. All runs using VSFTPD. I never saw any one of them hacked or owned by crackers. Do you have any documentation supporting your claim. I am interested to learn more about this issue.
Quote:
|
And by the way I do not encourge using the anonymous upload issue, but using the users-base upload much better and more secure + easy to trace. Also I use the jail and use the local_root option to specify a fixed upload area.
|
I must agree with you about jail. But sometime you need to allow anonymous upload. Examples open source software which allows uploading patch.
To set chroot just add an option in vsftpd.conf file
Code:
chroot_local_user=YES