Bug 3393 - anonymous ftp check too late
anonymous ftp check too late
Product: Red Hat Linux
Classification: Retired
Component: wu-ftpd (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Cristian Gafton
Depends On:
  Show dependency treegraph
Reported: 1999-06-10 13:07 EDT by flaps
Modified: 2008-05-01 11:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 1999-07-28 03:02:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description flaps 1999-06-10 13:07:49 EDT
The wu-ftpd-2.5 "update" rpm (presumably applies to rh 6.0
as well, but 5.2's what I've got running at the moment)
introduces anomalous behaviour in the case of prohibited
anonymous ftp login, compared to the previous "update" rpm
The old behaviour (illustrated second, below) is far
superior.  Both machines lack the "ftp" user in the password
file (but ftp is used to user accounts from within our
network which we believe is secure).

% ftp cronus.dgp.toronto.edu
Connected to cronus.dgp.toronto.edu.
220 cronus.dgp FTP server (Version wu-2.5.0(1) Tue Jun 8
11:19:44 EDT 1999) ready.
Name (cronus.dgp.toronto.edu:ajr): anonymous
331 Guest login ok, send your complete e-mail address as
530 Login incorrect.
Login failed.
ftp> quit
221 Goodbye.
% ftp cerberus.dgp.toronto.edu
Connected to cerberus.dgp.toronto.edu.
220 cerberus.dgp FTP server (Version
wu-2.4.2-academ[BETA-18](1) Mon Jan 18 19:19:31 EST 1999)
Name (cerberus.dgp.toronto.edu:ajr): anonymous
530 User anonymous unknown.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
Comment 1 Jay Turner 1999-06-30 10:22:59 EDT
This issue has been forwarded to a developer for further action.
Comment 2 Cristian Gafton 1999-07-28 03:02:59 EDT
There were numerous aguments about people probing various sites for
valid accounts using ftp, so the maintainers changed that to have a
more conservative behavior.

There are pros and cons for either side...

Note You need to log in before you can comment on or make changes to this bug.