{"description": "Is there a mission-critical reason for users to upload files via FTP? If not,\nedit the vsftpd configuration file to add or correct the following configuration options:\n<pre>write_enable=NO</pre>\nIf FTP uploads are necessary, follow the guidance in the remainder of this section to secure these transactions\nas much as possible.", "rationale": "Anonymous FTP can be a convenient way to make files available for universal download. However, it is less\ncommon to have a need to allow unauthenticated users to place files on the FTP server. If this must be done, it\nis necessary to ensure that files cannot be uploaded and downloaded from the same directory.", "severity": "unknown", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Disable FTP Uploads if Possible", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml", "template": null}