Menu
▾
▴
[Devil-linux-software] vsftpd: I still need a fix [freshmeat.net]
|
From: freshmeat.net <no...@fr...> - 2009-11-28 12:51:26
|
Dear freshmeat.net subscriber, markhobley just posted an announcement for the project vsftpd on freshmeat.net. I STILL NEED A FIX @markhobley: The issue described is not a "security flaw", despite various misinformation on the internet about the issue. Hi Chris. I know that this bug is by design, and we have a disagreement over security protocol here. However, I still need a fix. I cannot use PAM here, because the software is bombing out before the password is prompted for. All the PAM configuration in the world won't fix this. I need to reverse the polarity of the flag, so that users get asked for a password when username whitelisting is being used. (I would not car that the this would transfer the bug to users using blacklisting, because I am not using this facility). I would be happy to run a localized fork. I would fix this myself, if I had the technical capability. This would be a two minute fix for someone who understands the program. If you won't fix this, then I am still seeking a fix from a community programmer here. Hence I am asking for a fix on the blog. The announcement is available here: http://freshmeat.net/projects/vsftpd/announcements/56-i-still-need-a-fix If you want to change your subscription to this project, please log in to: http://freshmeat.net/account/subscriptions Best regards, freshmeat.net -- This email was sent to dev...@li.... |
