From owner-cvs-libexec Thu Oct 27 12:14:45 1994 Return-Path: cvs-libexec-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20427 for cvs-libexec-outgoing; Thu, 27 Oct 1994 12:14:45 -0700 Received: (from pst@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20416; Thu, 27 Oct 1994 12:14:41 -0700 Date: Thu, 27 Oct 1994 12:14:41 -0700 From: Paul Traina Message-Id: <199410271914.MAA20416@freefall.cdrom.com> To: CVS-commiters, cvs-libexec Subject: cvs commit: src/libexec/ftpd pathnames.h Sender: cvs-libexec-owner@FreeBSD.org Precedence: bulk pst 94/10/27 12:14:40 Modified: libexec/ftpd pathnames.h Log: Printing out /etc/motd when a ftp login occurs is a security hole (as is printing out a version number at the telnet login banner). Don't print out /etc/motd when people login, instead if present, print out /etc/ftpmotd. It looks like 4.4lite2 has done something similar (perhaps for different reasons) because /etc/motd no longer shows up on vangogh. Folks who like the old behavior can create a symbolic link to motd. From owner-cvs-libexec Thu Oct 27 12:16:25 1994 Return-Path: cvs-libexec-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20502 for cvs-libexec-outgoing; Thu, 27 Oct 1994 12:16:25 -0700 Received: (from pst@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20492; Thu, 27 Oct 1994 12:16:21 -0700 Date: Thu, 27 Oct 1994 12:16:21 -0700 From: Paul Traina Message-Id: <199410271916.MAA20492@freefall.cdrom.com> To: CVS-commiters, cvs-libexec Subject: cvs commit: src/libexec/ftpd ftpd.8 Sender: cvs-libexec-owner@FreeBSD.org Precedence: bulk pst 94/10/27 12:16:21 Modified: libexec/ftpd ftpd.8 Log: Update manual /etc/motd -> /etc/ftpmotd From owner-cvs-libexec Thu Oct 27 12:24:46 1994 Return-Path: cvs-libexec-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20703 for cvs-libexec-outgoing; Thu, 27 Oct 1994 12:24:46 -0700 Received: from venere.inet.it (root@venere.inet.it [194.20.8.4]) by freefall.cdrom.com (8.6.8/8.6.6) with ESMTP id MAA20696; Thu, 27 Oct 1994 12:24:38 -0700 Received: from strider.inet.it (root@strider.inet.it [194.20.8.30]) by venere.inet.it (8.6.9/8.6.9) with ESMTP id UAA38152; Thu, 27 Oct 1994 20:22:25 +0200 Received: (from piero@localhost) by strider.inet.it (8.6.9/8.6.9) id UAA04404; Thu, 27 Oct 1994 20:24:47 +0059 From: Piero Serini Message-Id: <199410271925.UAA04404@strider.inet.it> Subject: Re: cvs commit: src/libexec/ftpd pathnames.h To: pst@freefall.cdrom.com (Paul Traina) Date: Thu, 27 Oct 1994 20:24:46 +0100 (MET) Cc: CVS-commiters@freefall.cdrom.com, cvs-libexec@freefall.cdrom.com In-Reply-To: <199410271914.MAA20416@freefall.cdrom.com> from "Paul Traina" at Oct 27, 94 12:14:41 pm Reply-To: Piero@strider.inet.it Operating-System: FreeBSD 1.1.5.1 X-Phone-Number: +39 (2) 89405894 X-Faqs-Maintained: Elm (comp.mail.elm), Mail Archive Servers (comp.mail.misc) X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 565 Sender: cvs-libexec-owner@FreeBSD.org Precedence: bulk Hello. Quoting from Paul Traina (Thu Oct 27 20:14:22 1994): > Modified: libexec/ftpd pathnames.h > Log: > Printing out /etc/motd when a ftp login occurs is a security hole > (as is printing out a version number at the telnet login banner). Isn't it already under chroot ?? Bye, -- # $Id: .signature,v 1.6 1994/08/19 15:19:51 piero Exp $ # Disclaimer: I don't speak for I.Net S.p.A. Piero Serini Via Giambologna, 1 I 20136 Milano - ITALY From owner-cvs-libexec Thu Oct 27 12:30:13 1994 Return-Path: cvs-libexec-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20811 for cvs-libexec-outgoing; Thu, 27 Oct 1994 12:30:13 -0700 Received: from precipice.Shockwave.COM (precipice.shockwave.com [131.108.142.18]) by freefall.cdrom.com (8.6.8/8.6.6) with ESMTP id MAA20805; Thu, 27 Oct 1994 12:30:08 -0700 Received: from localhost (localhost [127.0.0.1]) by precipice.Shockwave.COM (8.6.9/8.6.9) with SMTP id MAA13981; Thu, 27 Oct 1994 12:28:28 -0700 Message-Id: <199410271928.MAA13981@precipice.Shockwave.COM> To: Piero@strider.inet.it cc: CVS-commiters@freefall.cdrom.com, cvs-libexec@freefall.cdrom.com Subject: Re: cvs commit: src/libexec/ftpd pathnames.h In-reply-to: Your message of "Thu, 27 Oct 1994 20:24:46 BST." <199410271925.UAA04404@strider.inet.it> Date: Thu, 27 Oct 1994 12:28:27 -0700 From: Paul Traina Sender: cvs-libexec-owner@FreeBSD.org Precedence: bulk Excellent point. I am an idiot. I noticed it when I was using non- anonymous logins. I am backing it out with cvs admin. From: Piero Serini Subject: Re: cvs commit: src/libexec/ftpd pathnames.h Hello. Quoting from Paul Traina (Thu Oct 27 20:14:22 1994): > Modified: libexec/ftpd pathnames.h > Log: > Printing out /etc/motd when a ftp login occurs is a security hole > (as is printing out a version number at the telnet login banner). Isn't it already under chroot ?? Bye, -- # $Id: .signature,v 1.6 1994/08/19 15:19:51 piero Exp $ # Disclaimer: I don't speak for I.Net S.p.A. Piero Serini Via Giambologna, 1 I 20136 Milano - ITALY From owner-cvs-libexec Thu Oct 27 12:36:06 1994 Return-Path: cvs-libexec-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20932 for cvs-libexec-outgoing; Thu, 27 Oct 1994 12:36:06 -0700 Received: (from pst@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id MAA20921; Thu, 27 Oct 1994 12:36:03 -0700 Date: Thu, 27 Oct 1994 12:36:03 -0700 From: Paul Traina Message-Id: <199410271936.MAA20921@freefall.cdrom.com> To: CVS-commiters, cvs-libexec Subject: cvs commit: src/libexec/ftpd ftpd.c Sender: cvs-libexec-owner@FreeBSD.org Precedence: bulk pst 94/10/27 12:36:02 Modified: libexec/ftpd ftpd.c Log: recommit rev 1.5 of ftpd, I fatfingered a command