Bugtraq mailing list archives

Re: Problems with wuftpd - password logging(?)


From: @haddock.saa-cons.co.uk:djr () saa-cons co uk (Dave Roberts)
Date: Fri, 31 Mar 1995 15:01:14 +0100 (BST)


On Thu, 16 Mar 1995, DaVe McComb wrote:

> I seem to have a major problem with wuftpd version wu-2.4, in that if a 
> specific sequence of steps is taken, the user's password is logged to 
> /var/adm/messages, wtmp, and to the screen.  This is happening under 

This also happens to me.  I've just stepped up the amount of logging that 
occurs with our main Unix box, which is an RS/6000 running AIX 3.2.5.  

The ftpd is the standard one that IBM provide.  If ftpd is invoked with a 
-d option, and syslog logs daemon activity of debug and above, then, when 
a normal user ftp's to the machine, it logs their password!  Not good.  

I wanna keep track of the ftp activity of my users, but I don't want to
see their passwords in the log file.  On AIX this is not *SO* much of a
problem as the log file is sat in /var/spool/mqueue which is mode 770 for
root.system, but it still concerns me.  Don't know what anyone else 
thinks about this.

Anyone know a way around this except from turning the log level back to
"info" only? 

-----[ syslog extract ]-------
Mar 31 14:33:09 server0 ftpd[26843]: connect from client2
Mar 31 14:33:09 server0 ftpd[26843]: <--- 220 
Mar 31 14:33:09 server0 ftpd[26843]: server0 FTP server (Version 4.9 Thu Sep 2 20:35:07 CDT 1993) ready.
Mar 31 14:33:40 server0 ftpd[26843]: command: USER xyz1^M 
Mar 31 14:33:40 server0 ftpd[26843]: <--- 331 
Mar 31 14:33:40 server0 ftpd[26843]: Password required for xyz1.
Mar 31 14:33:49 server0 ftpd[26843]: command: PASS momsname^M 
Mar 31 14:33:49 server0 ftpd[26843]: <--- 230 
Mar 31 14:33:49 server0 ftpd[26843]: User xyz1 logged in.
-----[ end of extract ]-------

- Dave.

-------------------+------------------------------------------------------
Dave Roberts       | Don't `surf the net', it's sad.  Get a board and surf
djr () saa-cons co uk | the break.           "I feel better than James Brown"
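
The following is an added example, not part of the original post or of any ftpd distribution: a filter for ftpd debug syslog lines of the shape shown in the extract above, which redacts the argument of `PASS` and reports which session and user had a password written to the log. The function name `scrub`, the `[REDACTED]` marker and the sample lines are assumptions constructed for illustration.

```python
import re

# Constructed sample, modelled on the syslog extract in the post above.
SAMPLE = """\
Mar 31 14:33:40 server0 ftpd[26843]: command: USER xyz1^M
Mar 31 14:33:40 server0 ftpd[26843]: <--- 331
Mar 31 14:33:40 server0 ftpd[26843]: Password required for xyz1.
Mar 31 14:33:49 server0 ftpd[26843]: command: PASS momsname^M
Mar 31 14:33:49 server0 ftpd[26843]: <--- 230
Mar 31 14:33:52 server0 ftpd[27001]: command: user abc2^M
Mar 31 14:33:58 server0 ftpd[27001]: command: pass s3cret word^M
Mar 31 14:34:02 server0 sendmail[311]: command: PASS not-ftp
"""

# ftpd debug line: "<timestamp> <host> ftpd[<pid>]: command: <VERB> <argument>"
CMD = re.compile(r"^(?P<head>.*?\bftpd\[(?P<pid>\d+)\]: command: )"
                 r"(?P<verb>[A-Za-z]+)(?: (?P<arg>.*?))?(?P<eol>\^M|\r)?\s*$")


def scrub(lines):
    """Return (redacted_lines, exposed) where exposed lists (pid, user) pairs
    whose password appeared in clear text in the input."""
    users = {}            # pid -> last USER argument seen for that session
    out, exposed = [], []
    for line in lines:
        m = CMD.match(line)
        if not m:         # not an ftpd "command:" line, pass through untouched
            out.append(line)
            continue
        verb = m["verb"].upper()       # FTP verbs are case-insensitive
        if verb == "USER":
            users[m["pid"]] = m["arg"]
        if verb == "PASS":
            exposed.append((m["pid"], users.get(m["pid"], "?")))
            line = f'{m["head"]}{m["verb"]} [REDACTED]{m["eol"] or ""}'
        out.append(line)
    return out, exposed


if __name__ == "__main__":
    clean, hits = scrub(SAMPLE.splitlines())
    print("\n".join(clean))
    for pid, user in hits:
        print(f"password for {user!r} (ftpd pid {pid}) was logged: rotate it")
```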


