From owner-freebsd-bugs Mon Aug 6 18:50: 8 2001
Date: Mon, 6 Aug 2001 18:50:01 -0700 (PDT)
Message-Id: <200108070150.f771o1h35954@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Mike Heffner
Subject: RE: bin/29487: ftpd leaks password typed as username by mistake
Reply-To: Mike Heffner
Sender: owner-freebsd-bugs@FreeBSD.ORG

The following reply was made to PR bin/29487; it has been noted by GNATS.

From: Mike Heffner
To: Yoshihiro Koya
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: RE: bin/29487: ftpd leaks password typed as username by mistake
Date: Mon, 06 Aug 2001 21:38:28 -0400 (EDT)

On 06-Aug-2001 Yoshihiro Koya wrote:
|
| It might quite often happen that one types the password instead of
| the username to ftp clients by mistake.
| In that case, ftpd(8) on FreeBSD logs the usernames into
| /var/log/messages as follows

But this information is sometimes relevant if you would like to be able to tell
the difference between an attacker probing several different accounts and a
normal user mistyping their username.

|
| Aug 6 22:19:28 presario ftpd[814]: FTP LOGIN FAILED FROM localhost, mypass
|
| On the other hand, every user on the system can access /var/log/messages.
| It might cause security-related problems.

A better way might be to log the username info to a different facility, auth,
authpriv or something that's not logged to a world-readable file.

Mike

--
Mike Heffner
Fredericksburg, VA
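The split suggested in the reply above, as an added example that is not part of the original message and is not ftpd's own code: the typed name goes only to the authpriv facility, while the general log gets a record without it. The helper names, the LOG_DAEMON facility, the LOG_INFO level and the sample input are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* One syslog record; facility and level are kept apart for clarity. */
struct log_rec { int facility; int level; char msg[256]; };

/* Replace non-printable bytes so a typed string cannot forge log lines. */
static void copy_printable(char *dst, size_t dstlen, const char *src)
{
    size_t i = 0;
    for (; src[i] != '\0' && i + 1 < dstlen; i++)
        dst[i] = isprint((unsigned char)src[i]) ? src[i] : '?';
    dst[i] = '\0';
}

/* Hypothetical helper: one record without the typed name for the general
 * log, one with it for authpriv. LOG_DAEMON and LOG_INFO are assumptions. */
void build_failed_login(const char *host, const char *typed_name,
                        struct log_rec *pub, struct log_rec *priv)
{
    char h[64], name[64];
    copy_printable(h, sizeof(h), host);
    copy_printable(name, sizeof(name), typed_name);
    pub->facility = LOG_DAEMON;
    pub->level = LOG_INFO;
    snprintf(pub->msg, sizeof(pub->msg), "FTP LOGIN FAILED FROM %s", h);

    priv->facility = LOG_AUTHPRIV;
    priv->level = LOG_INFO;
    snprintf(priv->msg, sizeof(priv->msg),
             "FTP LOGIN FAILED FROM %s, %s", h, name);
}

/* Hand both records to syslogd; which file each reaches is set in syslog.conf. */
void log_failed_login(const char *host, const char *typed_name)
{
    struct log_rec pub, priv;
    build_failed_login(host, typed_name, &pub, &priv);
    syslog(pub.facility | pub.level, "%s", pub.msg);
    syslog(priv.facility | priv.level, "%s", priv.msg);
}

int main(void)
{
    openlog("ftpd-example", LOG_PID, LOG_DAEMON);
    log_failed_login("localhost", "mypass");  /* constructed sample input */
    return 0;
}
```

Whether the authpriv record stays private still depends on syslog.conf sending that facility to a file that is not world-readable.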