i know you wont get a login shell, we tried to use scp instead of ftp on this server and it failed because the login shell for ftp accounts is /bin/false.
this does work as expected, i should have said "allow login, but choose shell to be /bin/false".
i'd rather have ftp open that allow ppl. to exec /bin/bash
PMB and me tried our "best" to break into the servers root account, but both failed, the ftp exploits as well as the local shell exploits, so as of feb 2004 i consider this server to be safe, realy safe