Red Hat Bugzilla – Bug 3393
anonymous ftp check too late
Last modified: 2008-05-01 11:37:50 EDT
The wu-ftpd-2.5 "update" rpm (presumably applies to rh 6.0
as well, but 5.2's what I've got running at the moment)
introduces anomalous behaviour in the case of prohibited
anonymous ftp login, compared to the previous "update" rpm
The old behaviour (illustrated second, below) is far
superior. Both machines lack the "ftp" user in the password
file (but ftp is used to user accounts from within our
network which we believe is secure).
% ftp cronus.dgp.toronto.edu
Connected to cronus.dgp.toronto.edu.
220 cronus.dgp FTP server (Version wu-2.5.0(1) Tue Jun 8
11:19:44 EDT 1999) ready.
Name (cronus.dgp.toronto.edu:ajr): anonymous
331 Guest login ok, send your complete e-mail address as
530 Login incorrect.
% ftp cerberus.dgp.toronto.edu
Connected to cerberus.dgp.toronto.edu.
220 cerberus.dgp FTP server (Version
wu-2.4.2-academ[BETA-18](1) Mon Jan 18 19:19:31 EST 1999)
Name (cerberus.dgp.toronto.edu:ajr): anonymous
530 User anonymous unknown.
Remote system type is UNIX.
Using binary mode to transfer files.
This issue has been forwarded to a developer for further action.
There were numerous aguments about people probing various sites for
valid accounts using ftp, so the maintainers changed that to have a
more conservative behavior.
There are pros and cons for either side...