Re: stop exposing usernames in ftp(1)?

To: David Holland <dholland-tech%NetBSD.org@localhost>
Subject: Re: stop exposing usernames in ftp(1)?
From: "Steven M. Bellovin" <smb%cs.columbia.edu@localhost>
Date: Sat, 30 Aug 2008 13:14:14 -0400

On Sat, 30 Aug 2008 17:08:34 +0000
David Holland <dholland-tech%NetBSD.org@localhost> wrote:

> In this day and age there's no real reason to expose valid local user
> names to ftp servers, and some risk that doing so will attract spam.
> So I think it's time we stopped doing so. The following patch makes
> the anonftp password always "anonymous@".
> 
Excellent idea.  I've long had

        machine default login anonymous password anonymous@

in my .netrc file for precisely that reason.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb

References:
- stop exposing usernames in ftp(1)?
  - From: David Holland

Prev by Date: stop exposing usernames in ftp(1)?
Next by Date: Re: RFC - add snscanf(3) to stdio
Previous by Thread: stop exposing usernames in ftp(1)?
Next by Thread: Changes to add snscanf/vsnscanf
Indexes:

Home | Main Index | Thread Index | Old Index