documentation is wrong for ftp server
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Server Guide |
Invalid
|
Undecided
|
Unassigned |
Bug Description
I selected security vulnerability since this document leads the reader to believe that authenticated access is insecure and can pick Anonymous access thinking that Anonymous is secure when it really is very insecure.
https:/
The documentation is wrong for this section:
------------------
In the Anonymous mode, remote clients can access the FTP server by using the default user account called "anonymous" or "ftp" and sending an email address as the password. In the Authenticated mode a user must have an account and a password. This latter choice is very insecure and should not be used except in special circumstances.
---------------
This documentation is telling the suer that authenticated mode is very insecure when I think the author meant to say that Anonymous is very insecure.
latter choice means the second choice. The author means to say the first choice. Regardless they should be more specific and say Anonymous or Authenticated. If someone else were to edit this they might not look at the generic term 'latter' and could reverse the order or add a different option.
Thanks.
Changed in serverguide: | |
status: | New → Invalid |
Thanks for your concern, harp, but I can't see how you would achieve better security by hiding this report, where you point out the possible problem.