ftpd leaks info which might be useful to an attacker
Garance A Drosehn
drosih at rpi.edu
Wed Sep 14 19:49:14 UTC 2016
On 13 Sep 2016, at 17:07, Ronald F. Guilmette wrote:
>
> One set of such decisions has to do with the following files:
>
> ~ftp/etc/group
> ~ftp/etc/pwd.db
>
> Thinking about how the contents of these files affects the behavior of
> the ftp DIR command caused me to realize that I actually would prefer
> it if there were some option available for ftpd which would cause
> it to display only something like ---- where it currently attempts to
> print either a user ID name or number or a group ID name or number.
Those files are completely under the control of the sysadmin (aka "you"),
so you can put whatever you want in those files. In my case, I think
I wrote a script which generates those two files from the real system
files, but it changes the userid and group names. In my case I went
with fake userids which were the first-and-last letters of the real
userid, followed by the UID. That way there's some helpful information
there for the people who *do* have access to the passwd info for that
machine, but there isn't much info for others.
--
Garance Alistair Drosehn = drosih at rpi.edu
Senior Systems Programmer or gad at FreeBSD.org
Rensselaer Polytechnic Institute; Troy, NY; USA
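
The renaming scheme described in the message above (first and last letter of the real name, followed by the numeric ID), sketched as an added example; this is not the script from the post. The function names, the sample data, the fixed home/shell values and the use of the same scheme for group names are assumptions; building ~ftp/etc/pwd.db from the first output is left to pwd_mkdb(8).

```shell
#!/bin/sh
# Added illustration, not the script from the post above.
# Reads /etc/passwd-style input (7 fields, no hashes) rather than master.passwd,
# so password hashes never reach the anonymous-FTP tree.

# Constructed sample data standing in for /etc/passwd and /etc/group.
sample_passwd() {
cat <<'EOF'
# constructed sample
root:*:0:0:Charlie Root:/root:/bin/csh
alice:*:1001:1001:Alice Example:/home/alice:/bin/sh
bo:*:1002:20:Bo Example:/home/bo:/bin/sh
EOF
}
sample_group() {
cat <<'EOF'
wheel:*:0:root,alice
staff:*:20:bo
EOF
}

# passwd(5) lines on stdin -> master.passwd(5)-layout lines with pseudonyms.
# Pseudonym = first letter + last letter of the real name + numeric UID.
# GECOS, home and shell are replaced with fixed values (assumed choices).
mask_passwd() {
    awk -F: -v OFS=: '
        /^#/ || NF < 7 || $3 !~ /^[0-9]+$/ { next }
        {
            alias = substr($1, 1, 1) substr($1, length($1), 1) $3
            print alias, "*", $3, $4, "", 0, 0, "", "/nonexistent", "/usr/sbin/nologin"
        }'
}

# group(5) lines on stdin -> same scheme keyed on GID; member lists dropped
# (applying the scheme to groups is an assumption, the post only details userids).
mask_group() {
    awk -F: -v OFS=: '
        /^#/ || NF < 3 || $3 !~ /^[0-9]+$/ { next }
        { print substr($1, 1, 1) substr($1, length($1), 1) $3, "*", $3, "" }'
}

# Demo on the constructed samples.
sample_passwd | mask_passwd
sample_group | mask_group
```

Because the UID and GID stay in the pseudonym, anyone with access to the real passwd data can still map a listing entry back to its owner, while an FTP client sees no real account names.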