From owner-freebsd-isp Thu Jun 25 19:06:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA14741 for freebsd-isp-outgoing; Thu, 25 Jun 1998 19:06:41 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from enya.hilink.com.au (enya.hilink.com.au [203.8.14.116]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA14638 for ; Thu, 25 Jun 1998 19:06:02 -0700 (PDT) (envelope-from danny@enya.hilink.com.au) Received: from localhost (danny@localhost) by enya.hilink.com.au (8.8.7/8.8.7) with SMTP id MAA29558; Fri, 26 Jun 1998 12:03:42 +1000 (EST) (envelope-from danny@enya.hilink.com.au) Date: Fri, 26 Jun 1998 12:03:40 +1000 (EST) From: "Daniel O'Callaghan" To: Paul Stewart cc: Evren Yurtesen , freebsd-isp@FreeBSD.ORG Subject: Re: nonexistent In-Reply-To: <35925399.46400EF5@kawartha.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 25 Jun 1998, Paul Stewart wrote: > Somebody might be able to yell at me for this, but on several of our ftp > servers we use DATE as our shell and they can't get shell access. > Hopefully nobody is going to flame me over that...:) > > Make sure you add /bin/date to your /etc/shells file or it won't > show... If user ftp has no password, and it is not listed in /etc/ppp/ppp.deny and you are running PAP ppp logins on the same box, people will be able to get a ppp connection as user ftp. I fixed this between 2.2.2 and 2.2.5, and a FreeBSD security alert was announced at the time, although it did not describe the exploit. I think enough time has passed for the exploit to be mentioned. So... MAKE SURE USER 'ftp' HAS '*' IN THE PASSWORD FIELD :-) Danny To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message