Differences between current version and revision by previous author of FTP.

Newer page: version 4 Last edited on Sunday, February 27, 2005 5:11:36 pm by AristotlePagaltzis
Older page: version 2 Last edited on Tuesday, September 17, 2002 12:41:57 pm by JohnMcPherson
@@ -1,6 +1,18 @@
-An [Acronym] for File Transfer Protocol. 
+An [Acronym] for __F__ile __T__ransfer [ Protocol]
  
-Not as relevant these days as the web has replaced most of the functionality, but this is how computer users who were on a network used to share files. Requiring a username and password to gain access to an FTP server, it became a convention that public areas of a server allowed the username " anonymous" along with any password. 
+Not as relevant these days as the web has replaced most of the functionality, but this is how computer users who were on a network used to share files. Requiring a username and password to gain access to an [ FTP] server, it became a convention that public areas of a server allowed the username <tt> anonymous</tt> along with any password.  
+  
+[FTP] has three weaknesses so major that it possibly deserves to be called the __F__'ing __T__errible __P__rotocol.  
+  
+# It makes no provisions for encryption of any sort. All user credentials pass the wire in the clear. Since [FTP] servers often authenticate users using their system accounts on the [FTP] host, this is close to criminal neglect.  
+  
+# Besides the initial connection, the so-called control connection, which is used to navigate, request directory listings, etc, [FTP] requires opening a separate data connection for every file transfer. Note that you can only have one data connection open at a time. Ironically, since directory listings are sent over the data connection, the control connection is nearly useless while a file transfer is underway. To make matters patently absurd, traditionally, the data connection originates ''from the server'' and goes ''to'' the client. Modern servers and clients support so-called passive mode, where all connections originate from the client. Needless to say, all this means it is non-trivial to permit [FTP] through a FireWall.  
+  
+# Lastly, the format for directory listings is unspecified. In practice, <tt>ls -l</tt> format has become the unfortunate defacto standard. This format is rather machine hostile. It is underspecified and hard to parse reliably. Despite its basically using fixed-width fields, various ls(1) implemntations let some overlong values break the columnization in a line. Infuriatingly, this directory listing format also requires a lot of code to generate on the server: a lose-lose situation. In times past, the hassle of generation would be avoided by spawning an external ls(1) process (which is how the format came to be the standard), but this is nowadays avoided for security and performance reasons.  
+  
+There are even more issues with the protocol, though they're not nearly so major.  
+  
+It's half a wonder that [FTP] works at all
  
 ---- 
-See CategoryProtocols 
+Part of CategoryProtocols
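Review bot: The first weakness states that there is no encryption of any sort but then spells out the consequence only for user credentials; since the second item says file contents and directory listings travel over the data connection, add a sentence saying those cross the wire in the clear as well, so readers do not conclude that only the login is exposed. The line "There are even more issues with the protocol" names none of them; either list them or link to a page that does, otherwise the claim cannot be checked. Smaller points in the third item: "implemntations" is misspelled and "defacto" should be "de facto". The rewritten first line and the closing "It's half a wonder that [FTP] works at all" both lack a terminal period, which the removed first line had.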