[1572] in Kerberos_V5_Development
Re: ftpd should allow protection to be required
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Wed Aug 14 10:56:23 1996
Date: Wed, 14 Aug 96 10:51:01 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: hartmans@MIT.EDU
Cc: krbdev@MIT.EDU
In-Reply-To: <tslhgq6rf4o.fsf@tertius.mit.edu> (message from Sam Hartman on 13
Aug 1996 20:19:51 -0400)
   Telnet cannot currently be forced into requiring encryption.

The dialups do this (presumably with a hacked telnetd), and I think
it is a good idea to at least provide the option. As you know, I also
think it should be the default (but that is a client issue).

   Question: is there an interface to turn on encryption on the
   command channel, or to turn off integrity in the client we ship?

I couldn't find one in the ftpd man page or code. I know OV's ftp/d
supports that, but perhaps it was a non-required (by the I-D) feature.

   I'm not convinced you need an option to require
   encryption/integrity on the data channel, as the user can always find
   a way to spew their data over the net if they try.

That's not the point. The point is to make it easy for admins to make
it as likely as possible that users will not be clueless. Right now,
you can run gss-ftp and if you forget just once to run the "private"
command your data goes in the clear. Not good. If ftpd required
encryption (and, say, refused get/put commands if it were not
enabled), then at least it would be impossible to forget. Better
(perhaps) would be to have ftpd automatically put ftp into a safe
mode; I guess ftp would have to be implemented to warn about that, and
probably never accept an automatic transfer to a lower security level,
and maybe it is still a dangerous idea.

Barry
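
The server-side policy proposed in the message above (refuse get/put unless the data channel is private), sketched as an added example; it is not part of the original message and is not krb5 ftpd code. The struct, the function names and the require_private option are hypothetical, and including LIST/NLST in the gated set is an assumption that goes beyond the get/put case the message names.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Data-channel protection levels; the client's "private" command asks for
   level P via the PROT command of the FTP security extensions. */
enum prot_level { PROT_CLEAR, PROT_SAFE, PROT_PRIVATE, PROT_INVALID };
enum verdict { ALLOW, REFUSE };

/* Hypothetical per-session state, not ftpd's real structures. */
struct session {
    enum prot_level data_prot;  /* current data-channel level */
    int require_private;        /* admin policy switch (assumed option) */
};

static enum prot_level parse_level(const char *arg)
{
    if (arg[0] && arg[1] && !isspace((unsigned char)arg[1]))
        return PROT_INVALID;    /* reject trailing junk such as "PX" */
    switch (toupper((unsigned char)arg[0])) {
    case 'C': return PROT_CLEAR;
    case 'S': return PROT_SAFE;
    case 'P': return PROT_PRIVATE;
    default:  return PROT_INVALID;
    }
}

/* Decide whether one control-channel line may proceed under the policy. */
enum verdict check_command(struct session *s, const char *line)
{
    static const char *const xfer[] = { "RETR", "STOR", "STOU", "APPE", "LIST", "NLST" };
    char verb[5] = { 0 };
    size_t n = strcspn(line, " \r\n");

    if (n == 0 || n > 4)
        return ALLOW;           /* not a verb this gate cares about */
    for (size_t i = 0; i < n; i++)
        verb[i] = (char)toupper((unsigned char)line[i]);

    if (strcmp(verb, "PROT") == 0) {
        enum prot_level want = parse_level(line + n + strspn(line + n, " "));
        if (want == PROT_INVALID || (s->require_private && want != PROT_PRIVATE))
            return REFUSE;      /* policy: never accept a lower level */
        s->data_prot = want;
        return ALLOW;
    }
    for (size_t i = 0; i < sizeof xfer / sizeof xfer[0]; i++)
        if (strcmp(verb, xfer[i]) == 0 && s->require_private && s->data_prot != PROT_PRIVATE)
            return REFUSE;      /* user forgot "private": fail closed */
    return ALLOW;
}
```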