COMMAND

    wu-ftpd 2.4.2-beta-12/13

SYSTEMS AFFECTED

    Systems running wu-ftpd 2.4.2-beta-12/13

PROBLEM

    The default umask  for wu-ftpd 2.4.2-beta-13  is 002.   Since most
    users on most sites  are in the same  group, all files created  by
    users PUTting  files would  be group  writeable by  anyone.  Not a
    good thing.  The same works for wu-ftpd 2.4.2-beta-12.

    The offending code is in "ftpd.c" line 259:

        #if !defined(CMASK) || CMASK == 0
        #undef CMASK
        #define CMASK 002
        #endif

    Credit for this goes to Roy M. Hooper.

SOLUTION

    Changing CMASK  002 to  CMASK 022  will fix  this.   If you aren't
    easily able to  recompile your wu-ftpd,  but you are  able to edit
    its entry in inetd.conf, invoking it with the switch "-u022"  will
    also  let  you  set  the  default  umask  to 022 (you can even use
    "-u077", if you're feeling paranoid or fascist).