Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!uunet!bu.edu!orc!inews!cmdnfs!bhoughto
From: bhoughto@cmdnfs.intel.com (Blair P. Houghton)
Newsgroups: comp.unix.internals
Subject: Re: Has anyone hacked ftpd to keep a log of outgoing files?
Message-ID: <1364@inews.intel.com>
Date: 13 Dec 90 16:25:35 GMT
References: <8295@uwm.edu>
Sender: news@inews.intel.com
Organization: Intel Corp, Chandler, AZ
Lines: 12

In article <8295@uwm.edu> datta@vacs.uwp.wisc.edu (David Datta) writes:
>I guess the Subject says it all, except we are running BSD V4.3
>and the release of ftpd is 4.162. (if that means anything)

If you're not concerned strictly with anonymous-ftp, you'll
also want to fix ftp(1) to record outgoing files.  Anyone
(other than anonymous) who can ftp in and 'get' through
ftpd will be able to log in as a user and 'put', as well,
thus circumventing your ftpd.

				--Blair
				  "That's worth about 2 cents, I guess."