From owner-freebsd-security Mon Jun 9 09:11:31 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA29406 for security-outgoing; Mon, 9 Jun 1997 09:11:31 -0700 (PDT)
Received: from homeport.org (lighthouse.homeport.org [205.136.65.198]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id JAA29398 for ; Mon, 9 Jun 1997 09:11:26 -0700 (PDT)
Received: (adam@localhost) by homeport.org (8.8.5/8.6.9) id MAA26597; Mon, 9 Jun 1997 12:05:42 -0400 (EDT)
From: Adam Shostack
Message-Id: <199706091605.MAA26597@homeport.org>
Subject: Re: ftpd security weakness on FreeBSD (fwd)
In-Reply-To: <199706091557.IAA10313@passer.osg.gov.bc.ca> from Cy Schubert - ITSD Open Systems Group at "Jun 9, 97 08:57:26 am"
To: cschuber@uumail.gov.bc.ca
Date: Mon, 9 Jun 1997 12:05:41 -0400 (EDT)
Cc: adam@homeport.org, darkstar@telcentral.net, dg@root.com, yossman@yoss.canweb.net, security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL27 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

I considered suggesting anonftpd (or Ranum's aftpd, which has more traditional messages). I did not because a lot of people want to be able to ftp inwards, and the anon only option seems a bit more restrictive than is freebsd's bent. I wouldn't oppose it as long as the docs suggested an upgrade path of (a/anon) -> logdaemon -> WUftpd as need for capabilities increases.

Adam

Cy Schubert - ITSD Open Systems Group wrote:
| Another good ftpd daemon is anonftpd. It only supports anonymous ftp and a
| subset of features. Sites offering an anonymous ftp service could use the
| anonftpd daemon for anonymous use while running the FreeBSD daemon (or
| better yet the Kerberos V daemon) behind a TCP/Wrapper off another port.

--
"It is seldom that liberty of any kind is lost all at once." -Hume