From owner-freebsd-security Tue Dec 9 17:25:43 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id RAA27509 for security-outgoing; Tue, 9 Dec 1997 17:25:43 -0800 (PST) (envelope-from owner-freebsd-security) Received: from pollux.or.signature.nl (pollux.or.signature.nl [194.229.138.194]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA27489 for ; Tue, 9 Dec 1997 17:25:32 -0800 (PST) (envelope-from bit@signature.nl) Received: from pc03.or.signature.nl (pc03.or.signature.nl [194.229.138.197]) by pollux.or.signature.nl (8.8.7/bs) with SMTP id CAA29061; Wed, 10 Dec 1997 02:23:59 +0100 (MET) Message-Id: <1.5.4.16.19971210022410.288f9b14@pollux.or.signature.nl> X-Sender: bit@pollux.or.signature.nl X-Mailer: Windows Eudora Light Version 1.5.4 (16) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Wed, 10 Dec 1997 02:24:10 +0000 To: security@FreeBSD.ORG From: Bart Smit Subject: Re: Possible problem with ftpd 6.00 Cc: Cy Schubert - ITSD Open Systems Group Sender: owner-freebsd-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk OK. forgot who started this, but it's been enough. I mean, SHEESH, could we PLEASE get rid of this non-discussion. It doesn't belong to FreeBSD security. (You can stop reading now. Delete this mail, and try to do do something useful. If you're stubborn, read on...) --Bart If someone thinks that it would be good&sensible to require that ftpd doesn't password when anon, then it's also sensible to forbid ANY (bogus) password-prompting program, which clearly is impossible. So STOP whining. It makes a lot more sense to find a way for ppl to verify the integrity of the *whatever* that wants a password *whenever*. That's a tricky subject, and ALSO DOESN'T BELONG ON FreeBSD-SECURITY!!!! Cy, sorry that you have to be the target of my anger, but this was the mail and the time. I'm much more annoyed with the guy (m/f) who initiated this thread (but also annoyed with the ppl who felt like reacting at all). --Bart Smit Systeembeheerder Stichting Signature At 07:12 5-12-97 -0800, you wrote: >You have stumbled across aguably (IMHO) the best anonymous FTP server out >there. Netscape sends USER and PASS commands, regardless of the prompt. If >you want to run a read-only anonymous FTP server, this is the one to use. >Because anonftp doesn't handle "regular" FTP, you would need to put your >"regular" FTP server on another port. > >The reason anonftpd is so good is that it does only one thing: Anonymous FTP, >that's it. Maybe there should be a port for it (and some other of Daniel >Bernstien's work such as Qmail). Then people who want to run a secure >anonymous FTP server can. > > > >Regards, Phone: (250)387-8437 >Cy Schubert Fax: (250)387-5766 >UNIX Support OV/VM: BCSC02(CSCHUBER) >ITSD BITNET: CSCHUBER@BCSC02.BITNET >Government of BC Internet: cschuber@uumail.gov.bc.ca > Cy.Schubert@gems8.gov.bc.ca