Subject: Re: /etc/ftpusers
To: None <perry@piermont.com>
From: Mike Long <mike.long@analog.com>
List: current-users
Date: 03/31/1997 18:18:12
>Date: Mon, 31 Mar 1997 18:13:12 -0500
>From: "Perry E. Metzger" <perry@piermont.com>

>Mike Long writes:
>> >Date: Mon, 31 Mar 1997 17:37:42 -0500
>> >From: "John F. Woods" <jfw@jfwhome.funhouse.com>
>> 
>> >One comment: don't needlessly frustrate people who buy network
>> >administration texts at a bookstore.  Use /etc/ftpusers if it is
>> >present, otherwise use the more flexible deny/allow files.  You can
>> >put a comment in the stock ftpusers directing people to consider
>> >ftp.deny or ftp.allow instead.
>> 
>> I agree with this, but I would reverse the order:  look for
>> /etc/ftp.deny first, and then look for /etc/ftpusers iff /etc/ftp.deny
>> is absent.
>
>Frankly, the sense of ftpusers is so ass-backwards that I'd say it
>*should* die.

Tell it to the P.O.'d sysadmins whose FTP servers may be compromised
because they didn't notice the change (and no matter how well you
document it, some won't).
-- 
Mike Long <mike.long@analog.com>     <URL:http://www.shore.net/~mikel>
VLSI Design Engineer         finger mikel@shore.net for PGP public key
Analog Devices, CPD Division          CCBF225E7D3F7ECB2C8F7ABB15D9BE7B
Norwood, MA 02062 USA       (eq (opinion 'ADI) (opinion 'mike)) -> nil