[Zope] some confusion on ftp security.

Chris Withers chrisw@nipltd.com
Thu, 22 Mar 2001 09:47:27 +0000


Patrick wrote:
> 
> I was just wondering if there is a separate config file for the Medusa FTP
> server because it alows anonymous logins even when I have used the zope
> management interface to create a user say fgh who has the rights that
> would usually be given to the anonymous group. I even defined a matching
> group fgh and removed all rights from the anonymous group.

Don't quite follow the group bit.

Medusa's FTP will let you login with _any_ username and password, IIRC (a bug
IMHO) but you can only _do_ anything if a Zope user object exists with that
username _and_ it has the rights to do what you want to do.

Almost related, I've been havign trouble FTP'ing into a lot of our Zope
instances with ange-ftp recently. Basically, login goes fine, but then it just
sits there saying:

Listing.... /chris@localhost 8021:/test/...

...where test si a DTML method.

any ideas?

Oh yeah, and there's still all those 'Unhandled connect event's when doing stuff
via FTP, any idea what they mean?

cheers,

Chris