On Sunday 30 May 2004 21:03, Ilya Konstantinov wrote:
> On Sun, May 30, 2004 at 06:02:11PM +0300, Ira Abramov wrote:
> > Quoting Shlomi Fish, from the post of Sun, 30 May:
> > > Hi all!
> > >
> > > At the moment the FTP service is not operational on ftp.iglu.org.il.
> > > The question is: what should be done to bring it back? Should we use
> > > proftpd? Or something more minimalistic?
> >
> > you mean like HTTP access? I see no reason for ftp, it's more of a
> > security annoyance than a useful protocol.
>
> Also, limiting to HTTP, we could have a single place to limit
> concurrent number of connections, access etc.
Again, we are stressing our convenience over the users' whom we serve.
> To replace FTP's directory listing capabilities, I suggest we
> install mod_dav, to enable WebDAV-based directory listing.
>
There are several problems with WebDAV and mod_dav:
1. mod_dav is only available for Apache 2.0.x. Debian Stable ships with Apache
1.3.x. While we can install a back-ported Apache 2.0.x package, it may
interfere with other modules we have, like mod_perl or mod_php, which will
require newer versions. This may be solved if we install both versions of
Apache, and proxy one through the other.
2. WebDAV as a protocol is quite complex and based on XML. This may make its
implementation potentially very prone to errors. I recall that I once
recommended someone very knowledgable to use Subversion (which can be
networked over its own variant of WebDAV) instead of CVS, and he said, and I
quote:
"I fear WebDAV almost as much as I fear CVS."
(and we all know what poor security record CVS had).
While I also use WebDAV (as part of Subversion), I think that we cannot have a
peace of mind in choosing it over FTP.
3. WebDAV is much less ubiquitous than FTP is. There are tons of FTP clients
available for any platform, and most distributions (including Win32) ship
with at least one ("ftp") in the default install. WebDAV clients, OTOH are
much less common, due to the complexity of the protocol. Do you know of a
WebDAV client that comes close to the power of ncftp?
So I think we're better off with FTP instead of, or along with, WebDAV.
> Also, I think we shouldn't keep an rsync server; if not for its
> unfortunate security history, then for the fact that we're not an
> official mirror for anything, not even 2nd-tier.
I find rsync convenient many times to correct mis-downloaded files. I already
installed rsync on the server so I can transfer files there using rsync over
ssh. But I won't insist on that.
Regards,
Shlomi Fish
---------------------------------------------------------------------
Shlomi Fish [EMAIL PROTECTED]
Homepage: http://shlomif.il.eu.org/
Quidquid latine dictum sit, altum viditur.
[Whatever is said in Latin sounds profound.]
