[unisog] Size Limit on E-Mail Attachments

Graham Allan allan at physics.umn.edu
Mon Nov 5 16:18:50 GMT 2001


In message <10111050906.ZM84945 at peony.cs.wright.edu>
          "Sheila Hollenbaugh" <shollen at cs.wright.edu> wrote:

> I am not sure exactly what you mean by a "well-managed" anonymous ftp
> site, but I have a true story to relate which should make anyone
> hesitant to allow any kind of anonymous write access via ftp.  One
> Friday one of our users asked that we create a special area for one of
> his collaborators to (anonymously) upload some data over the weekend. 
> Being naive, we agreed, and created the area.
>  Monday morning we received a call from a co-employee on the other
> side of campus informing us that we were on a published list of great
> FTP sites to obtain (illegal) software.  Over the weekend not only had
> some enterprising person found the anonymous site, scanned it for
> writeable directories, set up the warez, and published the address.

It is possible to set up a secure, writable anonymous ftp site. All
that's required is that anonymously uploaded files can't be accessed
again by anonymous users (or even by any ftp users at all - leave them
accessible only to internal users of the system).

It's incredibly tedious to get this right using most vendor-supplied ftp
servers. An aftermarket server like ncftpd which enforces these policies
internall,y regardless of the underlying filesystem permissions, helps a
great deal.

Graham
-- 
-------------------------------------------------------------------------
Graham Allan - I.T. Manager - allan at physics.umn.edu - (612) 624-5040
School of Physics and Astronomy - University of Minnesota
-------------------------------------------------------------------------



More information about the unisog mailing list