Bugtraq mailing list archives
Re: Re: Bad Advise
From: pwh () bradley bradley edu (Pete Hartman)
Date: Tue, 26 Jul 94 15:46:07 -0500
Christopher W. Klaus wrote: % Here is some advise from Sun that I highly recommend you DO NOT DO. % Make the home directory owned by ``ftp'' and unwritable % by anyone. % I highly recommend you change that to owned by ``root''. I was thinking about ownership of the whole ftp-tree by user `nobody'. Are there any benefits to using `root' instead of `nobody'?
Seems that since NFS access defaults to "nobody" that this is probably the most insecure possible permission if someone can get nfs access to the tree.
Current thread:
- coredumps on setuid programs. ddzehr () telecom ksu edu (Jul 22)
- Re: coredumps on setuid programs. George Boyce (Jul 22)
- Bad Advise Christopher Klaus (Jul 24)
- Re: Bad Advise smb () research att com (Jul 25)
- Re: Bad Advise Christopher Klaus (Jul 26)
- Re: Bad Advise Chris Ellwood (Jul 25)
- Re: Bad Advise G.J.W. Hagenaars (Jul 26)
- Re: Bad Advise Mark Moraes (Jul 26)
- Re: Bad Advise Philip Yzarn de Louraille (Jul 27)
- Bad Advise Christopher Klaus (Jul 24)
- Re: Bad Advise jim () Tadpole COM (Jul 26)
- Re: Re: Bad Advise Pete Hartman (Jul 26)
- Re: Bad Advise Evil Pete (Jul 26)
- Re: Bad Advise David Lawrence Oppenheimer (Jul 26)
- Re: coredumps on setuid programs. George Boyce (Jul 22)
- Re: Bad Advise Harold van Aalderen (Jul 26)
- Re: Bad Advise Christopher Klaus (Jul 26)
- Re: Bad Advise Timothy Newsham (Jul 27)
- -froot??? (AIX rlogin bug) Eric Wedaa (Jul 29)
- Re: -froot??? (AIX rlogin bug) Aaron Eppert (Jul 29)
- Re: -froot??? (AIX rlogin bug) Mark G. Scheuern (Jul 30)
- Re: -froot??? (AIX rlogin bug) Alexander Haiut (Jul 30)
- Re: -froot??? (AIX rlogin bug) Baba Z Buehler (Jul 30)