Principal problem is that the chrooted environment is only for anonymous ftp. If I ftp in to a user account, it lets me do that and it does *not* chroot the directory. The hazards should be obvious.

Add to that the fact that even in a chrooted directory under anonymous ftp, getting on as a privileged user can be dangerous -- the files are accessible from the regular file systems (e.g., user accounts). For instance:

    attacker uses ftp to create suid-root shell in ftp directory
    attacker logs in as user foo (bin, uucp, etc) and executes
        suid shell from ftp directory
    attacker romps

--spaf
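An added example, not part of the original message: because files in the ftp area are reachable from the regular file system, an administrator can audit that tree for setuid/setgid files and world-writable directories. The function names and the sample layout (pub/incoming, README, dropped.bin) are assumptions made for this illustration.

```python
import os
import stat
import sys
import tempfile

def audit_ftp_tree(root):
    """Return sorted (kind, relative_path, owner_uid) findings under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks out of the tree
            except OSError:
                continue  # entry vanished or is unreadable
            rel = os.path.relpath(path, root)
            if stat.S_ISREG(st.st_mode):
                # A setuid/setgid file here runs with its owner's rights
                # when a local (non-chrooted) user executes it.
                if st.st_mode & stat.S_ISUID:
                    findings.append(("setuid", rel, st.st_uid))
                if st.st_mode & stat.S_ISGID:
                    findings.append(("setgid", rel, st.st_uid))
            elif stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_IWOTH:
                # Any account, including the anonymous ftp one, can create files here.
                findings.append(("world-writable-dir", rel, st.st_uid))
    return sorted(findings)

def build_sample_tree(base):
    """Create a constructed demo layout (hypothetical names) under base."""
    incoming = os.path.join(base, "pub", "incoming")
    os.makedirs(incoming)
    os.chmod(os.path.join(base, "pub"), 0o755)
    os.chmod(incoming, 0o777)
    for name, mode in (("README", 0o644), ("dropped.bin", 0o4755)):
        path = os.path.join(incoming, name)
        open(path, "w").close()  # empty placeholder file
        os.chmod(path, mode)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        results = audit_ftp_tree(sys.argv[1])  # audit a real ftp root
    else:
        with tempfile.TemporaryDirectory() as demo:
            build_sample_tree(demo)
            results = audit_ftp_tree(demo)
    for kind, rel, uid in results:
        print(f"{kind}\t{rel}\towner uid {uid}")
```

Run with the ftp root as the only argument to audit a real tree; with no argument it audits the constructed sample.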