[OpenAFS] FTPD vulnerable to glob?
Thomas Vincent - 409-974-3678
thomasv@apple.com
Tue, 17 Apr 2001 22:23:53 -0700 (PDT)
That is too bad. Maybe you should see if the maintainers are more
receptive these days.
On Tue, 17 Apr 2001, Nathan Neulinger wrote:
> Thomas Vincent wrote:
> >
> > on 4/17/01 6:39 PM, Nathan Neulinger at nneul@umr.edu wrote:
> >
> > > *laugh* The ftpd server in OpenAFS is probably vulnerable to alot worse
> > > than the glob() attack. You'd have to be nuts to actually use it.
> >
> > That is reassuring. Is anyone working on getting ACL's working in wu-ftpd or
> > pro-ftpd?
> >
> > Cheers,
> > Thomas Vincent
> >
> > _______________________________________________
> > OpenAFS-info mailing list
> > OpenAFS-info@openafs.org
> > https://lists.openafs.org/mailman/listinfo.cgi/openafs-info
>
> I did a bunch of stuff for wuftpd once, but it got ignored by the
> maintainers. The best bet I'd suggest is to just install krb5 and use
> it's ftpd, as it's 99% functional and just needs tiny mods to add full
> afs support.
>
> -- Nathan
>
> ------------------------------------------------------------
> Nathan Neulinger EMail: nneul@umr.edu
> University of Missouri - Rolla Phone: (573) 341-4841
> CIS - Systems Programming Fax: (573) 341-4216
>