Quote:
Originally Posted by arun5002
Which of these license version of ftp is more reliable in production server .
|
As far as my understanding goes any party can include BSD code w/o having to share any changes like for example Microsoft and Apple do (or rather: don't). For your server usage it does not make a difference unless there's a specific reason you're asking. (But then I'd first ask if you've actually read the BSD and GPL.)
Quote:
Originally Posted by arun5002
it have some security drawback in VSFTPD.
|
Please explain or please check your English / translation because "security drawback" doesn't look OK: did you mean "vulnerability" perhaps?.
Quote:
Originally Posted by arun5002
How can i reduce the below security compliance in vsftpd
vsftpd CVE Entries: 12
|
Did you even assess what the CVE entries were about? Of the about 6 remaining CVE entries for Vsftpd at least 2 are distribution-specific and the other 4 won't compromise security in the sense of authentication bypasses etc. And sid you compare these CVE's with those for Pureftpd? If you did, would you rather face resource exhaustion (Vsftpd: CVE-2011-0762) or allow users to overwrite arbitrary files (Proftpd: CVE-2011-3171) or command injection (Pureftpd: CVE-2011-1575)?