Re: Base-passwd issues

To: Galen Hazelwood <galenh@apexxtech.com>
Cc: debian-devel@lists.debian.org
Subject: Re: Base-passwd issues
From: Peter Tobias <tobias@et-inf.fho-emden.de>
Date: Thu, 19 Mar 1998 00:22:38 +0100
Message-id: <[🔎] 19980319002238.48165@zaphod>
In-reply-to: <[🔎] 350FFE58.4AB04B0E@apexxtech.com>; from Galen Hazelwood on Wed, Mar 18, 1998 at 10:03:20AM -0700
References: <[🔎] 350FFE58.4AB04B0E@apexxtech.com>

On Mar 18, Galen Hazelwood wrote:
> > 3. Why no ftp or dos groups? What group would you put in their place?
> 
> I asked people about adding an ftp group to the master passwd file, but
> was told that the mere _existance_ of an ftp user (on an system which
> doesn't want to do anonymous ftp) constitutes a security hole.  Is this
> true?  If not, I'll go ahead and put it in as UID 11.

There should be no ftp user by default. On systems which don't want to
offer the anonymous ftp service it _might_ be a security hole (depending
on the ftp daemon used for it and the ftp home directory). There are no
such problems with an ftp group.


Thanks,

Peter

-- 
Peter Tobias <tobias@et-inf.fho-emden.de> <tobias@debian.org> <tobias@linux.de>
PGP ID EFAA400D, fingerprint = 06 89 EB 2E 01 7C B4 02  04 62 89 6C 2F DD F1 3C 


--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Base-passwd issues
  - From: Galen Hazelwood <galenh@apexxtech.com>

Prev by Date: Re: GS, fonts, type1inst, dtm & Co.
Next by Date: Re: Are we in this for ourselves?
Previous by thread: Re: Base-passwd issues
Next by thread: Re: Base-passwd issues
Index(es):
- Date
- Thread