Date: Sun, 30 Jun 1996 22:06:17 -0600 (MDT) From: Nate Williams <nate@mt.sri.com> To: "Jordan K. Hubbard" <jkh@time.cdrom.com> Cc: jmz@freebsd.org, stable@freebsd.org Subject: Re: Fetch *really* needs a man page! Message-ID: <199607010406.WAA08129@rocky.mt.sri.com> In-Reply-To: <16718.836172386@time.cdrom.com> References: <16718.836172386@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> We can't ship 2.1.5-RELEASE with ncftp gone and fetch totally > man-less, can we? That would be terrible, since we'd be essentially > tossing a lot people at a new utility without giving them the > slightest idea of how to use it. I do know that a lot of people use > ncftp right now, and if they're told that fetch is better (and I think > that it's at least more generally capable) then they'll switch, but > not without a man page! :-( *Preach it brother* *Amen* *Hallelujah* (For those whose humour meter didn't catch this, I'm stating my agreement to Jordan). I just found out what a *HUGE* security hole active-mode FTP can be, so it's now disabled in my internal net. Using IPFW, there is no way to make our systems secure if I allow outgoing-only FTP given the necessity for FTP-DATA (port 21). So, I must setup fetch to do 'passive' mode, and on a whim I tried 'fetch -p', which worked, but it was a shot in the dark. On that note, is there anyway of setting a 'KNOB' which will make sure fetch *always* does passive-mode on the ports? I set FETCH_BEFORE_ARGS, but it appears that it's not intended as a 'global', but rather for individual ports to use. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607010406.WAA08129>