Red Hat Bugzilla – Bug 111555
Dueling user blacklists sucks
Last modified: 2007-11-30 17:10:34 EST
Is there any logical reason for having both /etc/vsftpd.ftpusers and
/etc/vsftpd.user_list, and requiring both to be edited by default to
I think vsftpd.user_list should be killed, and go back to the RHL <=9
behavior of just one blacklist by default
Hm, well, the issue is that the semantics of vsftpd.user_list change
depending on the config, so it sometimes needs to be separate.
But in the current default cocnfiguration, vsftpd.ftpusers and
vsftpd.user_list are completely redundant. vsftpd.user_list should be
disabled by default, since it only gets interesting when configured
differently than the current default (and in which case, it should
have different contents)....
I agree that both can be useful if one's a whitelist and the other's a
blacklist. Currently they're just duplicate blacklists, which is pointless
vsftpd.ftpusers is black list only, OTOH vsftpd.user_list can be used
as a white list or black list according to configuration. But it can't
serve both list in one file, that's why ftpusers file is still needed.