On Tue, 26 Jul 1994, G.J.W. Hagenaars wrote:

> Christopher W. Klaus wrote:
>
> % Here is some advice from Sun that I highly recommend you DO NOT DO.
> %
> %     Make the home directory owned by ``ftp'' and unwritable
> %     by anyone.
> %
> % I highly recommend you change that to owned by ``root''.
>
> I was thinking about ownership of the whole ftp-tree by user `nobody'. Are
> there any benefits to using `root' instead of `nobody'?

Egad, this is far worse than using owner root. Among other things, 'nobody' is used as the userid on the server side of finger (assuming you have your fingerd service in /etc/inetd.conf defined to run as user nobody, which is the secure thing to do) and of NFS (when a request comes from an unknown user, or from somebody trying to NFS mount a server as root and this permission is disallowed by the /etc/exports configuration).

From the exports(5) man page [SunOS 4.1.3]:

     anon=uid
          If a request comes from an unknown user, use uid as the
          effective user ID. Note: root users (uid 0) are always
          considered "unknown" by the NFS server, unless they are
          included in the "root" option below. The default value
          for this option is the UID of the user "nobody". If the
          user "nobody" does not exist then the value 65534 is used.
          Setting the value of "anon" to 65535 disables anonymous
          access. Note: by default secure NFS accepts insecure
          requests as anonymous, and those wishing for extra
          security can disable this feature by setting "anon" to
          65534.

Clearly, using nobody is asking for trouble. Best to stick with the conventional wisdom of owner root for ~ftp.

David Oppenheimer
davido@phoenix.Princeton.EDU
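
An added example, not part of the original message: a small audit of `ls -ld` output against the policy discussed in this thread (~ftp owned by root and, following the quoted wording, writable by no one). The function names, the SERVICE_ACCOUNTS list and the sample paths are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: audit `ls -ld` lines for an anonymous FTP home directory.
# Policy from the thread: owner root, writable by no one.
# SERVICE_ACCOUNTS is this sketch's assumption: ids that daemons answer
# requests as (ftpd as ftp; fingerd and anonymous NFS access as nobody).
SERVICE_ACCOUNTS="ftp nobody"

# check_entry PERMS OWNER PATH: print "OK path" or "FAIL path: reasons".
check_entry() {
    perms=$1; owner=$2; path=$3; why=""
    if [ "$owner" != "root" ]; then
        why="owner is $owner, not root"
        for acct in $SERVICE_ACCOUNTS; do
            if [ "$owner" = "$acct" ]; then
                why="owner $owner is a service account"
            fi
        done
    fi
    # Write bits sit at characters 3 (user), 6 (group), 9 (other).
    case $perms in ??w*) why="${why:+$why; }user-writable" ;; esac
    case $perms in ?????w*) why="${why:+$why; }group-writable" ;; esac
    case $perms in ????????w*) why="${why:+$why; }world-writable" ;; esac
    if [ -n "$why" ]; then
        echo "FAIL $path: $why"
    else
        echo "OK $path"
    fi
}

# audit_listing: read `ls -ld` lines on stdin and check each one.
audit_listing() {
    while read -r perms _links owner _group _size _mon _day _time path; do
        [ -n "$path" ] || continue
        check_entry "$perms" "$owner" "$path"
    done
    return 0
}

# Constructed sample listing (paths and values are not from the message).
SAMPLE='dr-xr-xr-x 6 root wheel 512 Jul 26 1994 /home/ftp
dr-xr-xr-x 6 ftp daemon 512 Jul 26 1994 /export/ftp
drwxr-xr-x 6 nobody nobody 512 Jul 26 1994 /srv/ftp'

printf '%s\n' "$SAMPLE" | audit_listing
```

On a live system the same function can be fed real output, for example `ls -ld ~ftp | audit_listing`.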