next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects
Index of Subjects While we're on the subject of the ftpd included with CSuite 1.0... There was a security hole in wu-ftpd which would allow root access to attackers, were it not for the stock CSuite ftpaccess file. But that doesn't exactly leave me with a warm fuzzy feeling. I patched this last year but for some stupid reason, I never made up a new src-etc-ftpd tarball for future 1.0 sites. There's one up there now, and if anyone's doing a CSuite 1.0 build in the near future, I'd suggest they use it as a replacement for the src-etc-ftpd.tar.gz shipped with CSuite 1.0. The new package is up at http://csuite.ns.ca/ftp/1.0-fixes/src-etc-ftpd.tar.gz If anyone wants to patch /var/csuite/src/etc/ftpd/src/realpath.c by hand and recompile, the patch is here: http://csuite.ns.ca/ftp/realpath.c.patch The original announcement is archived here. http://www.chebucto.ns.ca/CSuite/MLists/CSuite-Dev/199903/289.html
next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects