Date: Mon, 1 Jan 1996 21:04:19 -0600 (CST)
From: Joe Greco <jgreco@brasil.moneng.mei.com>
To: j@uriah.heep.sax.de (J Wunsch)
Cc: hackers@FreeBSD.org, questions@FreeBSD.org
Subject: Re: Answer to /bin/ls and ftp (should be documented)
Message-ID: <199601020304.VAA11207@brasil.moneng.mei.com>
In-Reply-To: <199601011754.SAA05624@uriah.heep.sax.de> from "J Wunsch" at Jan 1, 96 06:54:02 pm

> As Joe Greco wrote:
> >
> > The more paranoid among us will be even more cautious: you don't want
> > people gaining a comprehensive listing of users on your system as easily as
> > downloading the pwd.db file. I do something similar but with a twist:
>
> You could as well install a list of dummy users.

Then you might as well not do it at all (or make 'em all "ftp"). Usually people want to display the usernames in order to provide an easy to see correlation between a file and which archive maintainer installed it...

My technique at least minimizes the chances of somebody finding out complete lists of semi-useful information about users (i.e. what users there are), and also protects more subtle very-useful information about things like assigned UID's (think: "someone pulling tricks with NFS").

First rule of security, the less they know, the safer you are.

... Joe

-------------------------------------------------------------------------------
Joe Greco - Systems Administrator                  jgreco@ns.sol.net
Solaria Public Access UNIX - Milwaukee, WI         414/342-4847