Writable FTP home directory
Summary
FTP home directory is writable for anonymous users.
Impact
Remote command execution, remote file substitution.
The problem
When the FTP home directory of a UNIX host is writable, a remote
intruder can upload a .rhosts or .forward file to
gain access to the system, or may be able to replace files.
When a PC (DOS or MAC) permits anonymous users write access to its file
system, a remote intruder may be able to replace arbitrary programs or
configuration files, or corrupt the file system by filling it up.
Fix (UNIX)
- Make sure that the FTP home directory, and all system
files and directories below it, are owned by root.
- Make sure that they are not writable by anonymous users. As a rule, no file
or directory should be owned by the FTP account.
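One way to check a host against the two rules above, as an added example that is not part of the original page. The function name, its arguments and the output labels are assumptions; the FTP home path is site-specific and must be supplied.

```shell
#!/bin/sh
# Added example (not from the original page): audit an anonymous-FTP tree.
# Assumed interface: audit_ftp_home <ftp_home> [expected_owner]; the path is
# site-specific and the owner defaults to root, as the fix above requires.

audit_ftp_home() {
    ftp_home=$1
    owner=${2:-root}
    if [ ! -d "$ftp_home" ]; then
        echo "audit_ftp_home: not a directory: $ftp_home" >&2
        return 2
    fi
    findings=$(
        # Anything not owned by the expected owner (this includes files
        # owned by the FTP account itself).
        find "$ftp_home" ! -user "$owner" -print | sed 's/^/OWNER /'
        # Group- or world-writable entries; symlinks are skipped because
        # their mode bits are not meaningful.
        find "$ftp_home" ! -type l \( -perm -020 -o -perm -002 \) -print |
            sed 's/^/WRITABLE /'
        # Files the page names as the route to system access.
        for f in .rhosts .forward; do
            if [ -e "$ftp_home/$f" ]; then echo "DOTFILE $ftp_home/$f"; fi
        done
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Run the audit when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_ftp_home "$@"
fi
```

The function returns 0 for a clean tree, 1 when it prints findings, and 2 when the path is not a directory, so it can be run from cron and alert on a non-zero status.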
Other tips (UNIX)