From owner-freebsd-security  Thu Dec  4 03:33:29 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id DAA13498
          for security-outgoing; Thu, 4 Dec 1997 03:33:29 -0800 (PST)
          (envelope-from owner-freebsd-security)
Received: from mail.netcetera.dk (root@sleipner.netcetera.dk [194.192.207.2])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id DAA13477
          for <freebsd-security@freebsd.org>; Thu, 4 Dec 1997 03:33:13 -0800 (PST)
          (envelope-from leifn@image.dk)
Received: (from uucp@localhost)
	by mail.netcetera.dk (8.8.8/8.8.8) with UUCP id MAA20776
	for freebsd-security@freebsd.org; Thu, 4 Dec 1997 12:32:26 +0100
Received: by swimsuit.roskildebc.dk (0.99.970109)
	id AA07743; 04 Dec 97 12:33:38 +0100
From: leifn@image.dk (Leif Neland)
Date: 04 Dec 97 10:22:08 +0100
Subject: Re: Possible problem with ftpd 6.00
Message-ID: <588_9712041233@swimsuit.roskildebc.dk>
Organization: Fidonet: UNIX-sysadm søger job 
To: freebsd-security@freebsd.org
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 04 Dec 97 09:10:04 adam@homeport.org  (2:234/49.99) wrote to root  regarding Re: Possible problem with ftpd 6.00 in area "freebsd-security"

 a> If you design systems such that people need to RTFM, your systems
 a> will fail.  The FTP daemon should be re-written so that it
 a> doesn't ask for a password when its offering anonymous access.
 a> (As in http).

If you want polite people to send their email-adress, then how about making the string:

password: \rEnter your email adress:

Then browsers/agents/scripts will still see the password: prompt, but it will be overwritten by "Enter your email adress" for humans to see.


Leif Neland
leifn@image.dk

---
|Fidonet:  Leif Neland 2:234/49
|Internet: leifn@image.dk