[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fully transparent ftp-proxy?



   ftp handling is fine as it is. it belongs into userland as it is.
   you do not understand the security implications. read about the recent vulns
   in packet filtering packages that have (WRONG WRONG WRONG)
   in-kernel ftp connection tracking.
I understand the security implications.  I agree that FTP should be
handled in user space.  I want a solution that can be used to firewall
FTP servers.  I was proposing that this should be done in userspace,
and musing on what level of kernel support such a solution would
require.
      -roy