Date: Sun, 28 Mar 1999 21:03:22 +0100 From: Ben Smithurst <ben@scientia.demon.co.uk> To: Gavan McCormack <tetragon@cyber.com.au> Cc: questions@freebsd.org, unix@cyber.com.au Subject: Re: spwd.db Message-ID: <19990328210322.A20511@scientia.demon.co.uk> In-Reply-To: <36FE5F04.4AF67F24@cyber.com.au> References: <36FE5F04.4AF67F24@cyber.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Gavan McCormack wrote: > Naturally, I dont want to put my /etc/spwd.db in there. However doing a > pwd_mkdb requires that I already have database files in there. Being > database files too, if I do a pwd_mkdb over copies of ones from /etc, the > data isnt overwritten. (Dont want someone getting in anonymously and > getting ahold of them, and doing a strings over spwd. :) > > Am I missing something obvious?? You don't _need_ either, it will just print UIDs in directory listings numerically (at least the ftpd I use does). However, copying /etc/pwd.db should be enough to let FTP convert UIDs to names, and that doesn't contain any passwords. If you're worried about people getting hold of a list of user names on your system, you'll have to either not put pwd.db in there (and put up with numerical UIDs), or configure your ftpd not to allow people to download files from ~ftp/etc (they shouldn't need to). -- Ben Smithurst ben@scientia.demon.co.uk send a blank message to ben+pgp@scientia.demon.co.uk for PGP key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990328210322.A20511>