Quote:
Originally Posted by janek
True, this is a serious security drawback, but still the server doesn't run as a deamon. You need to start it manually and then close the app before reading anything, so there's a minimal window for anyone to log in.
|
I would probably risk it, as well, but I was addressing the question of why Onyx didn't provide it by default. They would open themselves up to all kinds of grief over the security issue. The current situation seems to be a pretty good compromise.
Edit: It looks like the
secure_email_list_enable option in vsftpd.conf can be used to enable passwords for anonymous logins (in the
/etc/vsftpd.email_passwords file).