Author: Toomas Aas
Date: 23-09-02 17:45
First, thanks for the article. It was indeed very helpful and I got my anonymous ftp server up without any problems.
I made only one change to the settings suggested in the article. I want a few remote users to be able to download files from /incoming. Because of possible security problems I decided that I don't want them to do it with ftp but use scp instead.
So, instead of chowning /incoming to nobody.wheel I created a 'ftpadm' group and chowned /incoming to nobody.ftpadm. Then I just put the users that I want to let to download the files into ftpadm group.
I'm running the server in 'anonymous-only' mode so these users cannot access the ftp server with their usernames/passwords but *must* use scp.
I wonder if I have opened any security holes by deviating from the article in this way?