Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 5 Dec 1997 11:04:39 +0300
From:      Vadim Kolontsov <vadim@tversu.ru>
To:        "Jordan K. Hubbard" <jkh@time.cdrom.com>
Cc:        Adam Shostack <adam@homeport.org>, robert@cyrus.watson.org, security@FreeBSD.ORG
Subject:   Re: Possible problem with ftpd 6.00
Message-ID:  <19971205110439.23205@tversu.ru>
In-Reply-To: <15222.881232488@time.cdrom.com>; from Jordan K. Hubbard on Thu, Dec 04, 1997 at 02:48:08AM -0800
References:  <199712040810.DAA19509@homeport.org> <15222.881232488@time.cdrom.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi,

On Thu, Dec 04, 1997 at 02:48:08AM -0800, Jordan K. Hubbard wrote:
> > If you design systems such that people need to RTFM, your systems will
> > fail.  The FTP daemon should be re-written so that it doesn't ask for
> > a password when its offering anonymous access.  (As in http).
> 
> Which would break the heck out of many traditional FTP clients which
> expect every user, be it a legit one or an anonymous one, will result
> in a password being requested by the ftpd and they'll probably fail
> the handshake with your optimization.

  It seems like "non-password" anonymous ftp servers exist and work:

sh-2.00$ ftp koobera.math.uic.edu
Connected to koobera.math.uic.edu.
220 Hi there! This is anonftpd.
Name (koobera.math.uic.edu:vadim): ftp
230 Hi. No need to log in; I'm an anonymous ftp server.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

  By the way, Netscape (at least Communicator 4.04) understands it.

Best regards,
V.
-- 
Vadim Kolontsov
Tver Internet Center NOC
phone: +7-(0822)-365743,



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19971205110439.23205>