Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: tlug: Fine control over ftp
- To: tlug@example.com
- Subject: Re: tlug: Fine control over ftp
- From: Scott Stone <sstone@example.com>
- Date: Wed, 30 Sep 1998 19:07:02 +0900 (JST)
- Content-Type: TEXT/PLAIN; charset=US-ASCII
- In-Reply-To: <13842.33.797018.706332@example.com>
- Reply-To: tlug@example.com
- Sender: owner-tlug@example.com
On Wed, 30 Sep 1998, Stephen J. Turnbull wrote:
> >>>>> "Chris" == Chris Sekiya <chris@example.com> writes:
>
> Chris> On Wed, 30 Sep 1998, Darren Cook wrote:
> >> That worked! Why does ftp require a shell to exist, when
> >> obviously it is not using it?
>
> Chris> There was probably a good reason for it, but I've
> Chris> forgotten. Stephen?
>
> As a guess...
>
> To implement `mget *.tar.gz'? Or `quote site ...'? I'm fresh
> out of suggestions that would be easier to code than using system().
> ;-) (For innocent bystanders, system() does invoke a shell, unlike
> exec().)
>
> Scott Perlman's suggestion of security may be more authoritative,
> although I think it's unlikely since I believe that ftpd uses neither
> login(1) nor code stolen en bloc from login(1) to authenticate users.
TL's (and I think Redhat's too) uses pam to authenticate users. I think
that's a compile-time option for wu-ftpd.
>
> Putting /bin/false in /etc/shells is just a little too tricky for my
> taste for distinguishing between authorized ftp users and authorized
> telnet users, and would not allow you to authorize telnet but not ftp
> (eg for MUD connections).
Probably not a good example - muds usually run on non-standard ports such
as 3000, and shell access is irrelevant, as muds don't usually use the
system password files.
--------------------------------------------------
Scott M. Stone <sstone@example.com, sstone@example.com>
<sstone@example.com>
Head of TurboLinux Development/Systems Administrator
Pacific HiTech, Inc (USA) / Pacific HiTech, KK (Japan)
http://www.pht.com http://armadillo.pht.co.jp
http://www.pht.co.jp http://www.turbolinux.com
---------------------------------------------------------------
Next Meeting: 10 October, 12:30 Tokyo Station Yaesu central gate
Featuring the IMASY Eng. Team on "IPv6 - The Next Generation IP"
Next Nomikai: 20 November, 19:30 Tengu TokyoEkiMae 03-3275-3691
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp
- References:
- Re: tlug: Fine control over ftp
- From: "Stephen J. Turnbull" <turnbull@example.com>
- Re: tlug: Fine control over ftp
- Prev by Date: Re: tlug: Printed media?? Who needs TeX?
- Next by Date: Re: tlug: Printed media?? Who needs TeX?
- Prev by thread: Re: tlug: Fine control over ftp
- Next by thread: tlug: How To tell?
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |