[4318] in Athena Bugs
Re: [jfc@ATHENA.MIT.EDU: ftp .netrc file]
daemon@ATHENA.MIT.EDU (Ralph R. Swick)
Mon Feb 26 11:30:12 1990
To: Jonathan I. Kamens <jik@PIT-MANAGER.MIT.EDU>
Cc: athena-ws@ATHENA.MIT.EDU, bugs@ATHENA.MIT.EDU
In-Reply-To: Your message of Mon, 26 Feb 90 04:53:30 -0500.
Date: Mon, 26 Feb 90 11:07:31 EST
From: Ralph R. Swick <swick@ATHENA.MIT.EDU>
Perhaps ftpd should be modified to understand AFS, rather than saying
that the security feature that ftpd is trying to implement is just
Bad.
I'm inclined to agree with jik. The number of places a user has
to look to make sure s/he leave no doors open should be minimized.
While it may be argued that the mode (or acl) of . is just as
(in)secure as the mode/acl of .netrc, there's significant user
benefit in reducing the number of keys on the keyring.
In the brave new Athena world, ftp's only role is in dealing
with outsiders. So it should (continue to) behave as it does in
the outside, or we'll be graduating mis-tutored users.
-R
