On 5/12/09 7:40 AM, Richard Gasiorowski wrote:
Lionel, When you ftp with anonymous the files known by the group ftp. A quick bypass is to chmod the directory to 755 or 777 and that should get you in. Then I would look at the config file of you ftp application - for instance is vsftp change to this anon_mkdir_write_enable=NO anon_other_write_enable=NO # Security anon_world_readable_only=NO
Off-topic -- auditors would probably be pretty leery of directories with 0777 permissions, or more specifically, with -t,o+w. I think, in general, other-writable directory should have the sticky (8) bit (t) set. - Larry ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
