uple other places in ProFTPd which strike me as, if not
insecure, at least insufficiently paranoid; I'll pass along a patch for
those to proftpd-l later.
Dan
/\ /\
| Daniel Jacobowitz|__|SCS Class of 2002 |
d with --with-rsaref, and the guilty code in rsaglue.c is
never reached.
Dan
/\ /--------\
| Daniel Jacobowitz|__|SCS Class of 2002 |
| Debian GNU/Linux Developer__Carnegie Mellon University |
|
isn't setuid, and anyone who allows arbitrary filenames to be passed
to it has other problems.
Dan
/\ /\
| Daniel Jacobowitz|__|SCS Class of 2002 |
| Debian GNU/Linux Developer__Carnegie Mellon
aren't allowed make a dummy account first, login with that
then make a toor account ontop of that and su over to toor.
Remember, the log path must be within 15 characters to fit in a netbios
name! You're not going to get anywhere on andrew, or most other AFS
paths, with that restriction.
--
Daniel