Bugtraq mailing list archives
Re: full disclosure
From: nms () hacksaw rutgers edu (Doug Siebert)
Date: Wed, 30 Nov 1994 03:33:19 -0500
From: morgan () engr uky edu (Wes Morgan)
...text removed...
ObBug: As shipped, AT&T SVR4 3.1 for the StarServer E creates logfiles /tmp/rlogind and /tmp/ftpd. The rlogind logfile is harmless enough, but the ftpd logfile includes userids and passwords. By default, the files are world readable.
Workaround: I could never find a patch from NCR/ATT. I created an empty /tmp/ftpd during boot, protecting it at 600. This does not prevent entries from being made, but it does keep the information (relatively) private.
--Wes
Your solution uses the fact that an existing /tmp/ftpd file is appended to if it already exists. Using this info, a better way would be to edit the binary and replace the /tmp/ftpd string with /dev/null. After editing, don't forget to update your cryptographic checksum database.
-nms
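The in-place edit suggested in the reply is possible because /tmp/ftpd and /dev/null are the same length, so no other offset in the file moves. The sketch below is an added example, not code from either post: the function names, the constructed sample bytes, the rule that a match must start a NUL-delimited string, and the choice of SHA-256 for the checksum database are all assumptions.

```python
import hashlib

OLD = b"/tmp/ftpd\x00"  # log path from the thread, NUL-terminated as a C string
NEW = b"/dev/null\x00"  # replacement from the thread; same length as OLD


def patch_path(image: bytes, old: bytes = OLD, new: bytes = NEW):
    """Overwrite whole-string occurrences of old with new.

    Returns (patched_image, offsets). Only same-length edits are allowed,
    so nothing else in the file shifts.
    """
    if len(old) != len(new):
        raise ValueError("replacement must be exactly as long as the original")
    out = bytearray(image)
    offsets = []
    pos = image.find(old)
    while pos != -1:
        # Assumption: string constants sit back to back, so a real start is
        # at offset 0 or right after a NUL. This skips "/var/tmp/ftpd".
        if pos == 0 or image[pos - 1] == 0:
            out[pos:pos + len(new)] = new
            offsets.append(pos)
        pos = image.find(old, pos + 1)
    if not offsets:
        raise LookupError("path string not found; file left unchanged")
    return bytes(out), offsets


def sha256_hex(data: bytes) -> str:
    """Digest to record in the checksum database after the edit."""
    return hashlib.sha256(data).hexdigest()


# Constructed stand-in for a daemon image (not a real ftpd binary).
SAMPLE = (b"\x00" * 4 + b"/tmp/rlogind\x00" + b"/tmp/ftpd\x00"
          + b"/tmp/ftpd.old\x00" + b"/var/tmp/ftpd\x00" + b"a\x00")

if __name__ == "__main__":
    patched, where = patch_path(SAMPLE)
    print("patched offsets:", where)
    print("old sha256:", sha256_hex(SAMPLE))
    print("new sha256:", sha256_hex(patched))
```

Run it against a copy of the binary and keep the original until the patched daemon has been checked to start and log nothing to /tmp.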
Current thread:
- Re: full disclosure Wes Morgan (Nov 29)
- Re: full disclosure Doug Siebert (Nov 30)