From owner-freebsd-questions  Tue Dec  1 16:18:53 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA11053
          for freebsd-questions-outgoing; Tue, 1 Dec 1998 16:18:53 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from cm110119.cableco-op.com (cm110119.cableco-op.com [206.24.110.119])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA11042
          for <freebsd-questions@freebsd.org>; Tue, 1 Dec 1998 16:18:48 -0800 (PST)
          (envelope-from jwg@netbox.com)
Received: from localhost (jwg@localhost)
	by cm110119.cableco-op.com (8.8.8/8.8.8) with SMTP id QAA11216;
	Tue, 1 Dec 1998 16:21:06 -0800 (PST)
	(envelope-from jwg@netbox.com)
X-Authentication-Warning: cm110119.cableco-op.com: jwg owned process doing -bs
Date: Tue, 1 Dec 1998 16:21:05 -0800 (PST)
From: Jeff Gray <jwg@netbox.com>
X-Sender: jwg@cm110119.cableco-op.com
To: Questions at FreeBSD <freebsd-questions@FreeBSD.ORG>
Subject: Re: /etc/passwd - how to protect from spammers
Message-ID: <Pine.BSF.3.96.981201161816.11211A-100000@cm110119.cableco-op.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Casper, 

Thanks for the lead but not quite clear enough for me, yet.

The login-class approach looks perfect but when I check 
/etc/login.conf - the sample file does not include any 
chroot entries.  What does ftp-chroot have to do with access to the
password files?

We are using pine 4.03.  I checked the man pages and S/Config and
could not find 'operating-dir'
 pine -operating-dir $HOME

Appreciate the lead, need to squeeze out a bit more information <g>.
 
Thanks.

Best Regards
jeff
 



>Date: Wed, 02 Dec 1998 02:48:53 +0400
>From: Casper <casper@acc.am>
>Subject: Re: /etc/passwd - how to protect from spammers


use 
pine -operating-dir $HOME 
option of the pine , and put in the user's login-class :ftp-chroot:
option ....

Jeff Gray wrote:
> 
> We run a multiuser system and as /etc/passwd is world readable it is
easy
> for a spammer to get access to our user list.  We limit access via a
> restricted shell but do offer pine - easy to attach /etc/passwd.
> Restricting pine so as to prohibit attachments would be a severe
> restriction.
> 
> A client/user mentioned that in HP Unix there is a
> chroot wrapper of some kind which can block this access.  Could not find
> anything in the FreeBSD archives.
> 
> Suggestions welcomed.
> 
> Thanks
> jeff
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

-- 
+---------------------+----------------------+
| NightMare           | System Administrator |
+- AKA ---------------+ of Armenian Computer |
| Casper - a friendly | Center               |
| one variant :)      | nightmar@acc.am      |
+---------------------+----------------------+
        NightMares looking for you in the dark 
                   space of INet.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message