[CentOS] wu-ftpd, proftpd, or vsftpd!
albi
albi at scii.nl
Sun Apr 30 23:26:19 UTC 2006
José Alburquerque wrote:
> albi wrote:
>
>> erhm, the vsftp-software stands for "very secure ftp", but of course the
>> admin and the admin's configuring makes it secure or not
>>
>> (the fact that the redhat-company now uses it as their default
>> ftp-server doesn't mean anything, because they were provided wu-ftpd as
>> the default ftp-server install years ago afair, and wu-ftpd has a pretty
>> bad reputation as has other software from WU, like pine)
>>
> May I ask what is wrong with pine? TIA.
well, here's 1 example of the mentioning of pine's not so secure code,
if you try to install pine on FreeBSD (from ports), you will see this :
│ SECURITY NOTE: The pine software has had several remote
│ vulnerabilities discovered in the past, which allowed remote
│ attackers to execute arbitrary code as you on your local system,
│ by the action of sending a specially-prepared email. All such
│ KNOWN problems have been fixed, but the pine code is written in a
│ very insecure style and the FreeBSD Security Officer believes
│ there are likely to be other undiscovered vulnerabilities. Do you
│ wish to proceed with the installation of pine anyway?
│ [ Yes ] [ No ]
there are alternatives for pine, e.g. mutt, elmo, and there's more
(forgot the names)
--
grtjs, albi
gpg-key: lynx -dump http://scii.nl/~albi/gpg.asc | gpg --import
More information about the CentOS
mailing list