On Sat, Sep 20, 2003 at 12:47:21PM +0200, Robert van der Meulen wrote: > Hi, > > I was working on a newly-installed machine for a customer who requires an > ftp server. After installing vsftpd (which i *had* good experience with), I > noticed that the 'anonymous_enable' switch in /etc/vsftpd.conf, when set to > 'NO' *does* allow anonymous access. > Logging in using the 'anonymous' user does not work, logging in using the > 'ftp' user *does* work. > The 'ftp' user is listed in /etc/passwd and /etc/shadow, and has a disabled > password on all machines where I tried this and saw it working. > I was only able to test this with 1.2.0-2 . > > If anyone here is running vsftpd on a non-anonymous box, I'd make sure to > check this too. In the case of this customer (who has pretty sensitive data > on his box), this could have been quite a disaster. > > 'funny': > |Description: The Very Secure FTP Daemon > | A lightweight, efficient FTP server written from the ground up with > | security in mind. > > Ahem.
I'm working on it. Something is wrong with the PAM config... -- Daniel Jacobowitz MontaVista Software Debian GNU/Linux Developer