IETF-SSH archive


Re: avoiding reinventing the wheel on file transfer.



On Tue, Mar 27, 2001 at 08:34:54PM -0500, Barney Wolff wrote:

 > 1.  One of the major reasons to run sshd is to be able to shut
 > down telnetd and ftpd, not only because of cleartext logins
 > but also because they have been prone to security bugs.  Yes,
 > one could perhaps arrange for ftpd to listen only on localhost,
 > but there is still the possibility of privilege escalation via
 > a buggy ftpd.

This seems like an implementation issue.  An implementation could
certainly choose to hack ftpd to run on a channel created by sshd
(rather than one created by inetd).

 > 2.  The two-connection model for file transfer has not, in retrospect,
 > worked out well.  (IMHO)

Passive mode?

-- 
        -- Jason R. Thorpe <thorpej%zembu.com@localhost>


