[BlueOnyx:05871] Re: Nov 09 06:00:40 Updated: proftpd-1.3.3c-1BX1.i386

[Christoph Schneeberger]

Hi Michael,

Michael Stauber wrote:
>> While it was tossing things away, it tossed the entire section of one
>> site's configuration that had an anonymous FTP server configured. 
>>     
>
> Anonymous FTP? Bad idea, really. I already was about to remove it from 
> BlueOnyx, but then someone complained that it can be useful on an intranet 
> server like in an office. There it still makes sense. But on a public 
> webserver that invites all kinds of mischief
I would like to follow up on the points you made re: Anon-FTP. I
completely agree with you, that having a writable anonymous FTP is a bad
thing to do and really bad things will happen often sooner than later
(warez, pr0n and whatsoever in incoming, even if perps can't download
from there they will try and the stuff they uploaded can get you in
trouble). But I don't see whats wrong with a read-only anonymous
FTP-Service and I would really appreciate to be able to allow no
incoming while having an anonymous ftp service.

Would it be hard to add that feature to the gui, disabling the incoming
dir completely or do you object that ? I would say then the anon ftp
makes some sense again. As far as the config is concerned it seems it
would be enough to just leave the Directory incoming definition out.
However I completely agree with you, that in its current state the
service is useless for public sites.

Cheers,
Christoph