Re: [sftp] bug
From: Richard Silverman (res@des.jhy.us.ml.com)Date: 01/30/02
- Next message: Richard Silverman: "Re: scp vs. sftp"
- Previous message: Richard Silverman: "Re: Allow REXEC"
- In reply to: William Wu: "[sftp] bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Richard Silverman <res@des.jhy.us.ml.com> Date: 30 Jan 2002 14:26:55 -0500
>>>>> "WW" == William Wu <blop@no.spam> writes:
WW> another question is there any advantage to launch ftp-server only
WW> on a sftp request ? wouldn't it better to add an entry in my
WW> /etc/inetd.conf?
If you start sftp-server from inetd, then anyone will be able to transfer
files under the uid you set for it, and it will be completely insecure --
sftp does not do authentication or encryption; that's the job of its
transport program (normally SSH).
-- Richard Silverman slade@shore.net
- Next message: Richard Silverman: "Re: scp vs. sftp"
- Previous message: Richard Silverman: "Re: Allow REXEC"
- In reply to: William Wu: "[sftp] bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
