Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 6 Jan 1996 14:30:05 +0100 (MET)
From:      Piero Serini <>
To: (Joe Greco)
Cc:, hackers@FreeBSD.ORG, questions@FreeBSD.ORG
Subject:   Re: Answer to /bin/ls and ftp (should be documented)
Message-ID:  <>
In-Reply-To: <> from "Joe Greco" at Jan 1, 96 10:06:58 am

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

Quoting from Joe Greco (Mon Jan  1 17:06:58 1996):
> 3.  Copy the new pwd.db and group files into ~ftp/etc, and make them both
> mode 0440.  Change owner to "root.daemon".
> 4.  Copy /bin/ls into ~ftp/bin.  Change owner to "root.daemon", and change
> the mode to 2111...
> Now nobody can access your pwd.db or group files, but ls can, because it is
> a member of the appropriate group...
> I know this may seem overly paranoid to people, but you never know what
> tricks someone might use to gain access to your system, and the lower your
> profile, the safer you may be...

I simply edit the master.passwd I use to generate spwd.db and pwd.db,
I lock out all the accounts I leave in, compile the db and no 's' bit
is needed. My master.passwd looks like:

root:*:0:0::0:0:System Administrator:/:/nonexistant
daemon:*:1:1::0:0:System deamons:/:/nonexistant
bin:*:3:7::0:0:Binaries pseudo-user:/:/nonexistant
games:*:7:13::0:0:Games pseudo-user:/:/nonexistant
news:*:8:8::0:0:News' login:/:/nonexistant
guest:*:32766:31::0:0:Guest login:/:/nonexistant
nobody:*:32767:32767::0:0:Unprivileged user:/:/nonexistant
ftp:*:300:300::0:0:Anonymous FTP login:/usr/ftp:/usr/libexec/ftpd -l
ftp-adm:*:301:301::0:0:FTP Admin:/usr/ftp:/nonexistant
www:*:302:302::0:0:World Wibe Web:/:/nonexistant
www-adm:*:303:302::0:0:World Wibe Web:/:/nonexistant

So there's no user listed, no password, nothing.

#        $Id: .signature,v 1.12 1995/08/14 12:10:54 piero Exp $
Piero Serini                                            Via Giambologna, 1 
<Piero@Free.IT>                                     I 20136 Milano - ITALY

Want to link to this message? Use this URL: <>