- To: email@example.com
- Subject: BBS login
- From: crompton@NADC.NADC.NAVY.MIL (D. Crompton)
- Date: Wed, 15 Jan 92 18:08:46 EST
The BBS login in PA0GRI - either telnet or local bbs command does
not require a valid user or pass if the FTPUSERS file contains an
entry for anonymous with any PW. Is this the way it was intended?
Seems this changed since sometime earlier? I have a security problem
with no USER/PW entry because my NOS BBS is hanging on a network.
Leaving out the anonymous entry solved the problem. I can have any
other entry with '*' PW - I.E. 'guest *' and it requires a username
of guest - but with anonymous it does not care. Any random entry for
user is valid.