Bug#2345 - sample config creates security hole.  Not a "security hole", per
se, but a configuration snippet that doesn't cover everything.  This is the
problem with providing examples: too many people take the examples for use,
as is, without stopping to think if the example is suitable for their needs,
implicitly relying on others to do their thinking for them.

Author: Castaglia

proftpdfaq-docbook.sgml

@@ -1026,9 +1026,12 @@ for "warez"):</para>
   User username
   Group usergroup
   UserAlias ftp username
-  AuthAliasOnly on
   RequireValidShell off
 
+  &lt;Limit WRITE&gt;
+    DenyAll
+  &lt;/Limit&gt;
+
   &lt;Directory pub/incoming/&gt;
      &lt;Limit STOR CWD&gt;
         AllowAll

proftpdfaq-linuxdoc.sgml

@@ -951,9 +951,12 @@ for "warez"):
   User username
   Group usergroup
   UserAlias ftp username
-  AuthAliasOnly on
   RequireValidShell off
 
+  <Limit WRITE>
+    DenyAll
+  </Limit>
+
   <Directory pub/incoming/>
      <Limit STOR CWD>
         AllowAll