From owner-freebsd-security@FreeBSD.ORG Mon Mar 30 14:25:46 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 285551A2 for ; Mon, 30 Mar 2015 14:25:46 +0000 (UTC) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D41D39CC for ; Mon, 30 Mar 2015 14:25:45 +0000 (UTC) Received: from slw by zxy.spb.ru with local (Exim 4.84 (FreeBSD)) (envelope-from ) id 1YcadL-000O2I-QS for freebsd-security@freebsd.org; Mon, 30 Mar 2015 17:25:43 +0300 Date: Mon, 30 Mar 2015 17:25:43 +0300 From: Slawa Olhovchenkov To: freebsd-security@freebsd.org Subject: ftpd don't record login in utmpx Message-ID: <20150330142543.GD74532@zxy.spb.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Mar 2015 14:25:46 -0000 ftpd from FreeBSD-10 and up don't record ftp logins to utmpx database (for case of chrooted login). This is lack security information. I found this is done by r202209 and r202604. I can't understand reason of this. Can somebody explain?