Bug 100627
| Summary: | vsftpd.conf configured for anonymous access by default | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Brad Spry <dbspry> |
| Component: | vsftpd | Assignee: | Bill Nottingham <notting> |
| Status: | CLOSED NOTABUG | QA Contact: | Mike McLean <mikem> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.0 | CC: | rvokal |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2003-07-23 19:21:20 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
We've always shipped our ftp daemons to allow anonymous by default. I thought the 'vs' in vsftpd stood for 'very secure'? If so, please reconsider disabling anonymous ftp by default. To me the moniker 'very secure' is how the product is labeled, its not just another ftpd. |
Description of problem: vsftp allows anonymous access by default How reproducible: very Steps to Reproduce: 1. vsftpd.conf 2. anonymous_enable=YES Additional info: distro should ship with anonymous_enable=NO