oftpd is designed to be as secure as an anonymous FTP server can possibly be. It runs as non-root for most of the time, and uses the Unix chroot() command to hide most of the systems directories from external users--they cannot change into them even if the server is totally compromised. It also contains its own directory-change and directory-listing code (most FTP servers execute the system "ls" command to list files).
|Licenses||BSD Original BSD Revised|
|Operating Systems||POSIX Linux|
Release Notes: This release fixes a DoS vulnerability.
Release Notes: A --nodetach flag for operation from init has been added, as well as support for graceful shutdown on SIGTERM/SIGINT, and the use of TCP_NODELAY and sendfile() for efficiency. This release also contains some minor security and bug fixes.
Release Notes: A sample Red Hat init script, man page, and FAQ, and most server runtime errors are non-fatal.
Release Notes: A glob() denial-of-service fix, random port sequencing, compile fixes for some systems, and a couple of minor bugfixes.
Release Notes: This is Yet Another Debian Compile Release. It also fixes a bug in passive transfers and uses the RFC 959 default data port for transfer if it's not otherwise specified.