*********** REPLY SEPARATOR *********** On 2/06/2002 at 1:18 PM Lewi [EMAIL PROTECTED] [gregausit/redhat-list] wrote: >talking about wu-ftpd, I know that anonymous user in wuftpd release by >red hat using chroot env, >is this meant that, even I ran wu-ftpd in chroot, still can't protect your >system. > >so what the chroot really used for?? >I have read Securing Red Hat by Gerhard, in his book he still using >wu-ftpd in chroot environment > >need for explanation, please >I'm really confusing :( > I setup wu years back to run users chrooted, I am not sure what is in 7.3, but chrooting for wu is usually related to the user or group being chrooted or jailed so they cannot leave a directory, it does not offer any protection from say a known buffer overload. If the wu daemon is run as a non priveledged user and chrooted, then this would be a setup that offers security for the system and not for protection agains users browsing to a directory where they could read your secret files.... Hope that clarifies the basics or principle idea. Regards Greg Wright -- IT Consultant Sydney Australia PH 0418 292020 -- Int. +61 418 292020 Available for Global Contracts US Fax -- 801 740 2874 Web http://www.ausit.com E-mail Greg AT AusIT.com Trading As - AAA Computers -- providers of IT services. _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list