This is the mail archive of the
cygwin@sourceware.cygnus.com
mailing list for the Cygwin project.
Re: ftpd + Win98 = security hole
- To: cygwin <cygwin at sourceware dot cygnus dot com>
- Subject: Re: ftpd + Win98 = security hole
- From: "Tom Weichmann" <tomcw at localnet dot com>
- Date: Tue, 23 May 2000 12:57:46 -0700
- Reply-to: tomcw at localnet dot com
Corinna,
> I have just checked that on a W2K and a W98 system. /etc/ftpusers does
> actually prevent login.
> I have checked out another situation: If you have binary mounts
> and your ftpusers file has DOS line endings (\r\n) ftpd is
> unable to prevent logins via ftpusers. That's the only possible
> reason I can see so I suggest to check your ftpusers line endings.
>
> I will change that in the next release of inetutils so that
> such configuration files are always opened in textmode. Then
> you may have both styles of line endings regardless of the
> mount mode.
All of my mounts are binary mounts, so that should not be the
problem. For some reason /etc/ftpusers will not prevent the login.
I moved ftpusers to /usr/local/etc/ftpusers, and this did the trick.
Thanks,
Tom Weichmann
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com