Stuart Young <[EMAIL PROTECTED]> writes:
> Just a note that there is a CERT advisory about TCP wrappers at the
> moment. It seems that it was replaced (trojan code) and isn't exactly
> 'friendly' anymore.
> http://www.cert.org/advisories/CA-99-01-Trojan-TCP-Wrappers.html
Note that this only affects downloads from the main archive site over a
fairly short period of time, and that all hosts downloading from that site
over that time period have already been contacted. The canonical archive
has also been moved to a new server.
> Seems this sort of thing is becoming more prevalent. You might want to
> check your code if you downloaded it recently.
This is probably better sent to a different list, but I'd start using
Dan's FTP daemon rather than a huge package like wu-ftpd that I really
don't trust if it only had a few more features. The two I really need are
more standard "dir" output that doesn't confuse some clients and automatic
gunzip of .gz files if downloaded without the .gz extension.
I've wanted this badly enough that I've considered a few times just
patching Dan's code for both of these features.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
