>>> "Joe" == Joe Sheble <[EMAIL PROTECTED]> writes:
Joe> Because when I ftp in I'm limited to a very restricted
Joe> directory structure (that users home directory) and I move
Joe> files back and forth between work and home... most of these
Joe> files are in a directory not available to the user I log in
Joe> as with FTP... they're root files (configuration files,
Joe> etc... to work on, read, or study during idle times as well
Joe> as share with co-workers)... so I have to telnet in as a
Joe> regular user, do a 'su', copy the necessary files to the
Joe> appropriate home directory logout of telnet, then re-connect
Joe> with ftp to actually get the needed file. It'd be much nicer
Joe> to do this in one single connection.
It is nicer, much more convenient. It is also a security nightmare.
There are excellent security reasons for running ftp in a chroot jail
("a very restricted directory structure"), and telnet and http and
bind and many other services ought to be chrooted as well.
Take this from someone who's week was spoiled by running an old bind
version at work and not chrooting it. (We made the sans.org/giac.htm
list.)
Do you really want your box rooted?
(Views expressed != my employers.)
--
Mike Fieschko, West Orange, NJ, USA
X-Mailer: VM 6.75 under 21.1.8 XEmacs and random-sig.el
Kernel 2.2.15-5mdk
http://www.viconet.com/fieschko/home.htm
Mar 8 St John of God
"The Bible tells us to love our neighbors, and also to love our
enemies; probably because they are generally the same people." -
[G.K. Chesterton, in ILN, 7/16/10]
