[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FTP access for users ?



Alex Shnitman wrote:

 
>  > PS. I hope you're aware that enabling non-anonymous ftp access not inside a
>  > firewalled network is basically equivalent to putting all your users'
>  > passwords in the plain text format and sending it to a ... er ... mailing
>  > list :)
> 
> Do you mind elaborating on this issue?

Unless the users are chrooted, they can grab your password file.  And
regardless, eavesdroppers can sniff their passwords when they ftp in.