Script to strip chroot passwd file
Skye Poier
skye at f4.ca
Thu Apr 20 20:48:56 UTC 2006
Hello BSDers,
I'm running Apache in a chroot jail with suPHP. It needs an /etc/
passwd in the chroot so that suPHP can setuid to the owner of the PHP
script, but there's nothing that requires the passwords to be valid.
Does anyone have a script strips passwords out of master.passwd, sets
all shells to nologin, etc and writes it to the chroot etc dir? I've
looked around but not found anything. If it strips out certain UID
ranges, and watches the master file's modification time so it can be
run out of cron as well, even better!
If no such thing exists, I'll write one and share it with the group
if there's interest.
Thanks,
Skye
More information about the freebsd-security
mailing list