PATCH: sftp-server logging.
Dan Kaminsky
dan at doxpara.com
Tue Mar 19 03:45:42 EST 2002
> you don't get it.
>
> sshd is run by root, so you trust the logfiles.
apache is run by NOBODY, Markus. file transfer != executable access,
markus, any more than file viewing = code execution, unnamed macro virus
supporting vendor.
sftp-server is a system service that switches to user permissions for
*safety* purposes, not for ownership purposes. it's still in the purview of
the admin, at least in many sites.
sftp ain't ready to be deployed as a replacement for ftp. this remains of
the major reasons why. but until the code exists, it ain't worth bitching
about.
--dan
More information about the openssh-unix-dev
mailing list