[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ProFTP Forever Broken? (was Re: oBSD ftpd query)



At 06:02 PM 9/16/99 +0200, Tor Houghton wrote:
>
>Hi,
>
>Having finally kicked out the ProFTPD server from my system and replaced
>it with the standard OpenBSD server, I have a few questions.
>
I rather suspet I'm going to have to break down and do same.  My FTP box
runs FreeBSD though.  The ProFTP folks have been scrambling to close one
hole after another for the past couple weeks.  Seems like the Dutch Boy
with his finger in the Dike syndrome.  I read somewhere that it was
doubtful ProFTP woud ever be secure without a total rewrite/redesign of the
code, which is a shame becasue it is otherwise way cool.  Any of you
security guru's have an opinion on this?  FTP for me is currently a minor
deal, only a few virtual hosts for buddies whose sites don't change all
that much, so I can turn it on and off as needed.  Hate to bail on it, but
maybe the honeymoon is over, eh?

Ciao-- Ken
http://www.y2know.org/safari

Failure is not an option- it comes bundled with your Microsoft product.