From owner-freebsd-questions Sun Mar 28 17:40:28 1999 Delivered-To: freebsd-questions@freebsd.org Received: from hades.riverstyx.net (hades.riverstyx.net [216.94.42.239]) by hub.freebsd.org (Postfix) with ESMTP id 777CF14E0C for ; Sun, 28 Mar 1999 17:40:23 -0800 (PST) (envelope-from unknown@riverstyx.net) Received: from localhost (unknown@localhost) by hades.riverstyx.net (8.9.3/8.9.3) with ESMTP id RAA09331 for ; Sun, 28 Mar 1999 17:42:47 -0800 Date: Sun, 28 Mar 1999 17:42:47 -0800 (PST) From: To: questions@FreeBSD.ORG Subject: Re: spwd.db In-Reply-To: <19990328210322.A20511@scientia.demon.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Y'know, you can use ProFTPD instead. You can use it to chroot anonymous users (and everyone else, if you want) without requiring a copy of the password files, or even bin/ls, etc. It's in the ports collection somewhere. On Sun, 28 Mar 1999, Ben Smithurst wrote: > > Naturally, I dont want to put my /etc/spwd.db in there. However doing a > > pwd_mkdb requires that I already have database files in there. Being > > database files too, if I do a pwd_mkdb over copies of ones from /etc, the > > data isnt overwritten. (Dont want someone getting in anonymously and > > getting ahold of them, and doing a strings over spwd. :) > > > > Am I missing something obvious?? > > You don't _need_ either, it will just print UIDs in directory listings > numerically (at least the ftpd I use does). However, copying /etc/pwd.db > should be enough to let FTP convert UIDs to names, and that doesn't > contain any passwords. > > If you're worried about people getting hold of a list of user names on > your system, you'll have to either not put pwd.db in there (and put up > with numerical UIDs), or configure your ftpd not to allow people to > download files from ~ftp/etc (they shouldn't need to). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message