Bug 111555 - Dueling user blacklists sucks
Dueling user blacklists sucks
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: vsftpd (Show other bugs)
1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Radek Vokal
Mike McLean
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-12-05 08:49 EST by Chris Ricker
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-16 04:49:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Chris Ricker 2003-12-05 08:49:56 EST
Is there any logical reason for having both /etc/vsftpd.ftpusers and
/etc/vsftpd.user_list, and requiring both to be edited by default to
allow access?

I think vsftpd.user_list should be killed, and go back to the RHL <=9
behavior of just one blacklist by default
Comment 1 Bill Nottingham 2003-12-05 11:03:23 EST
Hm, well, the issue is that the semantics of vsftpd.user_list change
depending on the config, so it sometimes needs to be separate.
Comment 2 Chris Ricker 2003-12-08 10:40:49 EST
But in the current default cocnfiguration, vsftpd.ftpusers and
vsftpd.user_list are completely redundant. vsftpd.user_list should be
disabled by default, since it only gets interesting when configured
differently than the current default (and in which case, it should
have different contents)....

I agree that both can be useful if one's a whitelist and the other's a
blacklist. Currently they're just duplicate blacklists, which is pointless
Comment 3 Radek Vokal 2004-09-16 04:49:47 EDT
vsftpd.ftpusers is black list only, OTOH vsftpd.user_list can be used
as a white list or black list according to configuration. But it can't
serve both list in one file, that's why ftpusers file is still needed. 

Note You need to log in before you can comment on or make changes to this bug.