From owner-freebsd-arch Wed Mar 14 22: 6:50 2001 Delivered-To: freebsd-arch@freebsd.org Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67]) by hub.freebsd.org (Postfix) with ESMTP id 1E66C37B71E for ; Wed, 14 Mar 2001 22:06:48 -0800 (PST) (envelope-from dillon@earth.backplane.com) Received: (from dillon@localhost) by earth.backplane.com (8.11.2/8.9.3) id f2F66Vj38988; Wed, 14 Mar 2001 22:06:31 -0800 (PST) (envelope-from dillon) Date: Wed, 14 Mar 2001 22:06:31 -0800 (PST) From: Matt Dillon Message-Id: <200103150606.f2F66Vj38988@earth.backplane.com> To: Garance A Drosihn Cc: "David O'Brien" , Brooks Davis , freebsd-arch@FreeBSD.ORG Subject: Re: [PATCH] add a SITE MD5 command to ftpd References: <20010314084651.A23104@ringworld.oblivion.bg> <200103142342.QAA09233@usr08.primenet.com> <20010314161555.A4984@Odin.AC.HMC.Edu> <20010314185026.C7683@dragon.nuxi.com> <200103150256.f2F2u1b37896@earth.backplane.com> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG :If you're going to download it anyway, then there is zero point :to doing the MD5. The way I'm reading this option, the ONLY :reason to do an MD5 is to try and *-AVOID-* doing a download. :That is all I want it for, at least. I'm just trying to think of the situations where a user would do this on a regular basis, and I simply can't imagine that 'unnecessary downloads' would account for then a few percent of all the downloads made from a site. Or even 1%. As far as checking to see if a file has changed or not... insofar as any great use of ftp for synchronizing file trees the modification time and file size has been used for ages and has proven to work extremely well. MD5'ing isn't going to have any great effect on reducing bandwidth verses simply looking at the modification time and file size. I see no point in adding a command that has so little effect on the site's bandwidth useage, provides no significant enhancement of operations OR security, and is yet another thing for the site administrator to have to worry about in regards to abuse. Your comment about checking to see if a file has changed is a case in point.. someone could very easily use the feature to check whole directory trees for changes with insignificant impact on them, but a huge impact on the server if it doesn't cache the MD5's somewhere. A single user MD5ing hundreds of files would have a monsterous impact on an FTP server. On FTP servers, ls -lR is often disabled due to abuse. Many ftp servers still leave it disabled. Most large ftp respositories now run ls -lR as a cron job and store the results in an easily downloadable file precisely because of the abuse that occurs when users run ls -lR's. Frankly, I see no redeeming value for a SITE MD5 command. It would be a whole lot easier for a site administrator to simply generate MD5 lists nightly and store them in files on the ftp server itself for users to download, just like many do for ls -lR. And it doesn't require adding another command to the FTP server to make it work either. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message