Date: Thu, 20 Apr 2006 13:49:01 -0700 From: Skye Poier <skye@f4.ca> To: freebsd-security@freebsd.org Subject: Script to strip chroot passwd file Message-ID: <CC344CF2-2F41-4965-9DD4-0A41EA1B3B42@f4.ca>
next in thread | raw e-mail | index | archive | help
Hello BSDers, I'm running Apache in a chroot jail with suPHP. It needs an /etc/ passwd in the chroot so that suPHP can setuid to the owner of the PHP script, but there's nothing that requires the passwords to be valid. Does anyone have a script strips passwords out of master.passwd, sets all shells to nologin, etc and writes it to the chroot etc dir? I've looked around but not found anything. If it strips out certain UID ranges, and watches the master file's modification time so it can be run out of cron as well, even better! If no such thing exists, I'll write one and share it with the group if there's interest. Thanks, Skye
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CC344CF2-2F41-4965-9DD4-0A41EA1B3B42>