-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Assuming you are using ftp, the real danger is in the fact that ftp sends
login and password in plain text over the Internet. Use ssh if you want
encrypted authentication -- actually, ssh encrypts the entire session,
from login to disconnect.
If you can't do this, then it would be wise to set up a public directory
just for ftp, and configure the ftp server so that that no-one will be
able to cd to another directory outside of the public dir and perhaps its
subdirs.
If /var/www/html/media is already set up this way, good. Otherwise, do it.
Dave
On Saturday 04 August 2001 00:56, thus spake Jon Doe:
> It has been bugging me since I set it up. Is it safe to have the files
> in /var/www/html/ ??
> I am using this to let people I know upload files and download files,
> its in a seperate directory /var/www/html/media
> With all I have read and heard about the root partion, is this safe? Or
> am I just too worried?
- --
"Nihil tam munitum quod non expugnari pecunia possit." (No
fortification is such that it cannot be subdued with money.)
- - Marcus Tullius Cicero, 106-43 B.C.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7a/rGA68l26XsZUYRApj3AJkBq0MtzXhd/0IwIvfXwc9rL7Rk0ACaAqp4
mceFC2C0fjv/SgehLt4aXUA=
=pone
-----END PGP SIGNATURE-----