> [ftp security problems]

Come to think of it, the reason this is a problem is that someone
wanted to be able to feed fetched files to pipes or file descriptors
and did it by overloading the target pathname for get.

Perhaps a better fix would be to make get/mget just get files, and add
something like (say) pipeget, which _always_ interprets argv[2] and
following as a command to pipe the retrieved file to.  Then all the
magic character detection code at the low levels of get could go away
entirely and be no danger at all for mget.

(This doesn't address .. components, of course. :-)

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B