On Sunday 30 May 2004 18:02, Ira Abramov wrote:
> Quoting Shlomi Fish, from the post of Sun, 30 May:
> > Hi all!
> >
> > At the moment the FTP service is not operational on ftp.iglu.org.il. The
> > question is: what should be done to bring it back? Should we use proftpd?
> > Or something more minimalistic?
>
> you mean like HTTP access? I see no reason for ftp, it's more of a
> security annoyance than a useful protocol.
You are wrong here, FTP is very useful. For example, how do you do
<<<
ls *hello*.rpm
>>>
in the Mandrake contrib directory which in HTTP is displayed as a bootload of
trimmed out links, which you can only see the full URL (which is sometimes
too long to fit into the screen) when you hover on them. The only way I can
think of is by processing the HTML source of the directory display, and it's
hardly user-friendly.
Furthermore, how do you do the ncftp equivalent of:
<<<
get *hello*.rpm
>>>
This is damn-right impossible with HTTP access, as HTTP does not handle these
wildcards very well.
As for "security annoyance", then anything we run on the server with an open
port can be a security annoyance. There have been plenty of ssh/openssh
exploits, yet we still run sshd (OK - we must). Apache can potentially have a
security risk (it had one in the past). In any case, Debian should take care
of upgrading packages with security risks easily enough, for us not to worry
too much about them.
In the FTP servers list, I gave, there is a mentioning of other FTP servers
besides wu-ftpd and proftpd. For instance, there's something called vsftpd,
(for very secure FTPd). Since we only need anonymous access, we can install
almost everything.
Nonetheless, I have been using the FTP service of iglu.org.il and other FTP
servers in the past, and I find it very convenient, and sometimes much better
than using HTTP for this. I was contacted by someone else who tried to use
the FTP server, but could not, and I'm sure there are others. Most mirror
sites give both FTP access and HTTP access (or sometimes only FTP access),
because FTP is a superior protocol for these tasks. I suggest we follow suit,
or else I'll easily be able to claim we are acting in a selfish manner, in
what is supposed to be a server serving the public.
Is it understood?
Regards,
Shlomi Fish
--
---------------------------------------------------------------------
Shlomi Fish [EMAIL PROTECTED]
Homepage: http://shlomif.il.eu.org/
Quidquid latine dictum sit, altum viditur.
[Whatever is said in Latin sounds profound.]
