Date: Tue, 18 Dec 2001 12:56:21 -0600 (CST)
From: Ryan Thompson <ryan@sasknow.com>
To: Rakesh Prajapati <rprajapa@sdf.lonestar.org>
Cc: <freebsd-questions@FreeBSD.ORG>
Subject: Re: Anonymous ftp , passwd , group file
Message-ID: <20011218125036.J30898-100000@catalyst.sasknow.net>
In-Reply-To: <Pine.NEB.4.33.0112181815380.7307-100000@sdf.lonestar.org>
Rakesh Prajapati wrote to freebsd-questions@FreeBSD.ORG:
> Hi ,
>
> I have a security related question.
>
> I am running FreeBSD 4.2 RELEASE and I am allowing Anonymous ftp to the
> outside world. This box is setup at home.
>
> [...]
>
> What worries me is the presence of 2 files passwd and group in
> /var/ftp/etc directory.
>
> I am assuming these files exist to authenticate login who don't
> login anonymously.

Nope. passwd and group are only used to map uids and gids to usernames
and group names, with anonymous ftp.

Passwd contains the username and uid of everyone on the system, which
may be a potential security risk, giving a would-be attacker the names
of users on your system to attempt to hack. However, NO passwords (not
even encrypted passwords) are stored in passwd, which should be world
readable.

> root:*:0:0:Charlie &:/root:/bin/csh
       ^-- no password is stored

Actual login auth for real users is done through /etc/spwd.db, which
is readable only by root.

You can safely remove /var/ftp/etc/passwd, if you don't mind having
anonymous users see only the uid for file ownership. You can remove
group, too.

A good thing to do, if you want anon ftp users to see usernames, is to
make a special, separate password database that only contains entries
for, say, root, ftp, and any other users that write to the anonymous
ftp directory.

> Can these files be a security threat in some way?????
> ------------------------------------------------
>
> The /var/ftp/etc/passwd and /var/ftp/etc/group files look like the usual
> /etc/passwd and /etc/group files.

They ARE copies of /etc/passwd and /etc/group :-)

- Ryan
--
Ryan Thompson <ryan@sasknow.com>
Network Administrator, Accounts
SaskNow Technologies - http://www.sasknow.com
#106-380 3120 8th St E - Saskatoon, SK - S7H 0W2
Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon
Toll-Free: 877-727-5669 (877-SASKNOW) North America
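
The reduced password and group files suggested in the reply above can be generated from an allow list. This is an added example, not part of the original message: the function names and the sample data are constructed, and blanking the gecos, home and shell fields goes one step beyond what the reply describes.

```shell
#!/bin/sh
# Added example: build reduced passwd/group files for an anonymous-FTP tree.
# Sample data below is constructed; install paths are left to the admin.

# filter_passwd "<allowed names>"   (reads passwd(5) text on stdin)
# Keeps only allow-listed users, forces the password field to "*", and
# replaces gecos/home/shell so only name, uid and gid are disclosed.
filter_passwd() {
    awk -F: -v OFS=: -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) keep[a[i]] = 1 }
        /^#/ || NF != 7 { next }    # skip comments and malformed lines
        ($1 in keep) { print $1, "*", $3, $4, "", "/nonexistent", "/sbin/nologin" }
    '
}

# filter_group "<allowed names>"    (reads group(5) text on stdin)
# Keeps only allow-listed groups and drops the member list.
filter_group() {
    awk -F: -v OFS=: -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) keep[a[i]] = 1 }
        /^#/ || NF != 4 { next }
        ($1 in keep) { print $1, "*", $3, "" }
    '
}

# Constructed stand-ins for /etc/passwd and /etc/group.
sample_passwd() {
    cat <<'EOF'
# constructed sample, not a real system
root:*:0:0:Charlie &:/root:/bin/csh
ftp:CONSTRUCTED-NOT-A-HASH:14:5:Anonymous FTP:/var/ftp:/nonexistent
alice:*:1001:1001:Alice Example:/home/alice:/bin/sh
broken:line
EOF
}
sample_group() {
    cat <<'EOF'
wheel:*:0:root,alice
operator:*:5:root
staff:*:20:alice
EOF
}

sample_passwd | filter_passwd "root ftp"
sample_group  | filter_group  "wheel operator"
```

On a real system the functions would read /etc/passwd and /etc/group instead of the sample data, with the output reviewed before it is placed under the FTP tree.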
