Hi, Michael,
> You've got a worse problem than you think. You are running
> a version of ProFTP with known security holes. The mess over ProFTP
> and getting security holes fixed prompted at least one distribution
> to pull it entirely. The vulnerabilities included potential remote root
> shell attacks. I think they got the holes fixed, but you need to be on
> 1.2.0pre6 at minimum!
Last time I checked the ftp daemon security issues, everybody runned
scared of wuftp because of it's poor security. No I find out that at least
one distribution gave up proftpd... welcome to the world of computing,
bogdan...
> Did you add the name of the shell to /etc/shells? That's a list
> of valid shells and ftp won't allow an account with an invalid shell to
> log in (to prevent system accounts from being compromised, I suppose).
Thank you, indeed that was the problem... I'll try to upgrade the ftp
version too... Thank you!
Have fun,
bogdan
