Aside from the insecurities inherited in the FTP protocol, I would like to 
set up a secure FTP server in the styling of an ISP.  That is to say, when 
someone ftp's to the server, all they have access to is their home directory. 
 I dont even want them to be able to browse the filesystem. (consider it like 
several anonymous ftp users) 

I have a few thoughts, but would like a bit more enlightenment on this issue.

First, is it possible to do some sort of chroot'd environment for individual 
users?  I know wu-ftp dosnt exactly support this, but I have heard too many 
stories about wu being insecure.  Does proFTPd support this?

Second, what is the bare minimum commands needed for FTP?  And by this I mean 
what goes into the ftp structure.  When I FTP to some anonymous servers, 
there are these directories:
bin/
etc/
lib/
pub/

and they are all empty execpt lib, which contains things like ld, libc, 
libnsl, libnss_files, and libtermcap

I thought you had to have things like ls and cd in bin for it to work..  
could I get away without having these libraries also?

My last question is about virtual users.  I would like the ability to have 
users log into the FTP service, but not be in the system user base. I know 
some servers support this, but I dont know which ones, and I want to know how 
the permissions work for this.  Can a virtual user be the owner of something?

Thats all for now, I am sure I will think of more questions later

Jay

-- 
Jay Kline
list at slushpupie.com
http://www.slushpupie.com/