[lug] Is anon ftp upload really bad?
John Hernandez
John.Hernandez at noaa.gov
Thu Apr 25 09:24:18 MDT 2002
Oh, I see. No pissing please. What I meant by "current safe and sane"
practices refers to the oversight and file ownership/permissions scheme
- nothing to do with anonymous access.
Peter Hutnick wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wednesday 24 April 2002 05:49 pm, John Hernandez wrote:
>
>>Yes, "authenticated anonymous" is indeed an oxymoron, but I didn't say
>>or imply it.
>>
>
> Holy crap this is a Twilight Zone moment.
>
> I don't want to turn this into a pissing contest, but here is an _unedited_
> quote (from message-id 3CC730BE.1020602 at noaa.gov):
>
> > I would urge others to use anon uploads (in a safe and sane way) over
> > cleartext authenticated FTP any day of the week.
> >
>
>
> I don't quite get it. If you ADD authentication (even reusable
> clear-text passwords) to the current (safe and sane) method, how does a
> stolen password make you any worse off, provided the account is for ftp
> only?
>
> The parts set off by ">" characters is me. The other part is someone claiming
> to be you. Maybe you think I mean something other than anonymous by "anon"?
>
> - -Peter
>
> - --
> /"\ ASCII Ribbon campaign against HTML e-mail
> \ /
> X Get my PGP key at http://hutnick.com/pgp
> / \ 6128 5651 6F23 EC17 6EBD 737D 960A 20E6 76CA 8A59
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE8x1zplgog5nbKilkRAmQpAJ4sxBXkD8uKwQzuBkq+2aCzhp8eFwCgiJbH
> ueyzxjHcd+5ktcsvIZdd3FE=
> =pRkb
> -----END PGP SIGNATURE-----
>
>
--
- John Hernandez - Network Engineer - 303-497-6392 -
| National Oceanic and Atmospheric Administration |
| Mailstop R/OM12. 325 Broadway, Boulder, CO 80305 |
----------------------------------------------------
More information about the LUG
mailing list