FTP Server
Ed Wilts
ewilts at ewilts.org
Fri Apr 9 21:34:02 UTC 2004
On Fri, Apr 09, 2004 at 10:14:40AM -0700, David Saldana wrote:
>
> I have an external FTP server. the server now is just
> accepting FTP connection which is fine but I would like that some people
> form our company have telnet, ssh or rlogin connection, how can I open
> this type of connection without affecting security?.
You *will* affect security. If you give a user interactive access, they
can do things to your system they couldn't do before. They could fill
/tmp or /var/tmp and effectively shut down your e-mail processing or
other processing that wants to create temporary files there.
If you have a local root exploit, they can exploit that where they might
not have been able to before.
The users can easily get a list of all the usernames on the system,
something they couldn't do before.
Giving any user interactive access is not something to be taken lightly.
--
Ed Wilts, Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program
More information about the redhat-list
mailing list