Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#10791 - pure-ftpd-1.0.21-2 Missing configure flag --with-ftpwho
Attached to Project:
Arch Linux
Opened by dcecchin (Kalidarn) - Monday, 30 June 2008, 16:32 GMT
Last edited by Allan McRae (Allan) - Saturday, 21 March 2009, 07:42 GMT
Opened by dcecchin (Kalidarn) - Monday, 30 June 2008, 16:32 GMT
Last edited by Allan McRae (Allan) - Saturday, 21 March 2009, 07:42 GMT
|
DetailsDescription:
Basically when you install pure-ftpd the pure-ftpwho command (which is there) gives you an error about compiling pure-ftpd with the --with-ftpwho flag enabled. When enabled and the command is executed you are given, PID, Login, Speed, What they are doing, File & IP address of the users logged into your FTP server. I'm wondering why this option is disabled, to be honest I don't even know why upstream has such a flag on pure-ftpd. Unless there is some sort of gaping security hole because of this feature I think the PKGBUILD for pure-ftpd in the repo should have it enabled. |
This task depends upon
Closed by Allan McRae (Allan)
Saturday, 21 March 2009, 07:42 GMT
Reason for closing: Fixed
Additional comments about closing: pure-ftpd-1.0.21-4
Saturday, 21 March 2009, 07:42 GMT
Reason for closing: Fixed
Additional comments about closing: pure-ftpd-1.0.21-4
Comment by Greg (dolby) -
Monday, 21 July 2008, 18:28 GMT
Can you investigate this further? Dont expect someone else to do all the job for you.
Comment by dcecchin (Kalidarn) -
Tuesday, 22 July 2008, 00:22 GMT
I think it's omission is simply a plain mistake by the writer of the pkgbuild, I did some googling around but didn't find anything on it reguarding security. openSUSE and Debian all seem to have it enabled so I'm expecting there's nothing wrong with it.