Sent it to the wrong list:
----- Forwarded message from "Alan P. Laudicina" <[EMAIL PROTECTED]> -----
Resent-Date: 23 Feb 2000 20:58:40 -0000
Resent-Cc: recipient list not shown: ;
X-Envelope-Sender: [EMAIL PROTECTED]
Date: Wed, 23 Feb 2000 12:58:27 -0800
From: "Alan P. Laudicina" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Small Bug
X-Mailer: Mutt 1.0pre3us
Resent-Message-ID: <SAkOmD.A.nSB.AoEt4@murphy>
Resent-From: [EMAIL PROTECTED]
X-Mailing-List: <[EMAIL PROTECTED]> archive/latest/3824
X-Loop: [EMAIL PROTECTED]
Precedence: list
Resent-Sender: [EMAIL PROTECTED]
login> login alanp
login: alanp: Unknown user
login> login alan
Password:
This isn't a good idea security-wise. Instead of the 'User
Unknown' error, it should just ask for the password and error
out with an Invalid Password error. The way it is setup now
it could be used to guess login names, which is pretty much the
reason that most ftpds ask for a password if there is no such
username on the system anyways, now.
Thanks,
Alan P. Laudicina
--
| Alan P. Laudicina / [EMAIL PROTECTED] |
| http://corp.linux.com / http://www.unixpower.org |
| "You can get more with a kind word and a gun than you |
| can with a kind word alone." - Al Capone (1899-1947) |
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
----- End forwarded message -----
--
| Alan P. Laudicina / [EMAIL PROTECTED] |
| http://corp.linux.com / http://www.unixpower.org |
| "You can get more with a kind word and a gun than you |
| can with a kind word alone." - Al Capone (1899-1947) |
