From owner-freebsd-questions Tue Dec 18 11: 5:12 2001 Delivered-To: freebsd-questions@freebsd.org Received: from sage-american.com (sage-american.com [216.122.141.44]) by hub.freebsd.org (Postfix) with ESMTP id 111D937B419 for ; Tue, 18 Dec 2001 11:05:05 -0800 (PST) Received: from SAGEONE (adsl-64-219-21-136.dsl.crchtx.swbell.net [64.219.21.136]) by sage-american.com (8.9.3/8.9.3) with SMTP id NAA07447; Tue, 18 Dec 2001 13:04:52 -0600 (CST) Message-Id: <3.0.5.32.20011218130450.0157afe0@mail.sage-american.com> X-Sender: jacks@mail.sage-american.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Tue, 18 Dec 2001 13:04:50 -0600 To: Rakesh Prajapati , From: jacks@sage-american.com Subject: Re: Anonymous ftp , passwd , group file In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG ....follow-up. I just been advised that the "-o" (and "-O") options have been merged. Som a CVSup will update the 4.4-stable... dunno about 4.2-RELEASE though... (run the manpage for ftpd and look for the -o option). If planning to set more secure permissions for FTP, you may want to consider moving up to the 4.4 version... or wait until the 4.5 is available in late January. Of coures, if you prefer RELEASE, then that's a horse of a different color . At 06:39 PM 12.18.2001 +0000, Rakesh Prajapati wrote: >Hi , > >I have a security related question. > >I am running FreeBSD 4.2 RELEASE and I am allowing Anonymous ftp to the >outside world. This box is setup at home. > >When I setup Anonymous ftp , it created the following files/directories >/var/ftp/bin >/var/ftp/etc/passwd >/var/ftp/etc/group >/var/ftp/incoming >/var/ftp/pub > > >What worries me is the presence of 2 files passwd and group in >/var/ftp/etc directory. > >I am assuming these files exist to authenticate login who dont login >anonymously. > > >Can these files be a security threat in some way????? >------------------------------------------------ > >The /var/ftp/etc/passwd and /var/ftp/etc/group files look like the usual >/etc/passwd and /etc/group files. > >bash-2.05a$ pwd >/var/ftp/etc >bash-2.05a$ cat group ># $FreeBSD: src/etc/group,v 1.19 1999/08/27 23:23:41 peter Exp $ ># >wheel:*:0:root >daemon:*:1:daemon >kmem:*:2:root >sys:*:3:root >tty:*:4:root >operator:*:5:root >mail:*:6: >bin:*:7: >news:*:8: >man:*:9: >games:*:13: >staff:*:20:root >guest:*:31:root >bind:*:53: >uucp:*:66: >xten:*:67:xten >dialer:*:68: >network:*:69: >bash-2.05a$ cat passwd ># $FreeBSD: src/etc/master.passwd,v 1.25 1999/09/13 17:09:07 peter Exp $ ># >root:*:0:0:Charlie &:/root:/bin/csh >toor:*:0:0:Bourne-again Superuser:/root: >daemon:*:1:1:Owner of many system processes:/root:/sbin/nologin >operator:*:2:5:System &:/:/sbin/nologin >bin:*:3:7:Binaries Commands and Source,,,:/:/sbin/nologin >tty:*:4:65533:Tty Sandbox:/:/sbin/nologin >kmem:*:5:65533:KMem Sandbox:/:/sbin/nologin >games:*:7:13:Games pseudo-user:/usr/games:/sbin/nologin >news:*:8:8:News Subsystem:/:/sbin/nologin >man:*:9:9:Mister Man Pages:/usr/share/man:/sbin/nologin >ftp:*:14:5:Anonymous FTP Admin:/var/ftp:/nonexistent >bash-2.05a$ > >Thanks in Advance >Rakesh > >rprajapa@sdf.lonestar.org >SDF Public Access UNIX System - http://sdf.lonestar.org > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > Best regards, Jack L. Stone, Server Admin Sage-American http://www.sage-american.com jacks@sage-american.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message