Aside from the insecurities inherited in the FTP protocol, I would like to set up a secure FTP server in the styling of an ISP. That is to say, when someone ftp's to the server, all they have access to is their home directory. I dont even want them to be able to browse the filesystem. (consider it like several anonymous ftp users) I have a few thoughts, but would like a bit more enlightenment on this issue. First, is it possible to do some sort of chroot'd environment for individual users? I know wu-ftp dosnt exactly support this, but I have heard too many stories about wu being insecure. Does proFTPd support this? Second, what is the bare minimum commands needed for FTP? And by this I mean what goes into the ftp structure. When I FTP to some anonymous servers, there are these directories: bin/ etc/ lib/ pub/ and they are all empty execpt lib, which contains things like ld, libc, libnsl, libnss_files, and libtermcap I thought you had to have things like ls and cd in bin for it to work.. could I get away without having these libraries also? My last question is about virtual users. I would like the ability to have users log into the FTP service, but not be in the system user base. I know some servers support this, but I dont know which ones, and I want to know how the permissions work for this. Can a virtual user be the owner of something? Thats all for now, I am sure I will think of more questions later Jay -- Jay Kline list at slushpupie.com http://www.slushpupie.com/