Re: /etc/pwd.db

From: Domas Mituzas (domas.mituzas@delfi.lt)
Date: 03/02/01


Date: Fri, 2 Mar 2001 12:14:05 +0200 (EET)
From: Domas Mituzas <domas.mituzas@delfi.lt>
To: Matt Heckaman <matt@LUCIDA.CA>


>
> Better yet: pwd.db doesn't even contain any passwords! It's the functional
> equiv. of /etc/passwd. spwd.db contains the real passwords and is mode
> 0600 root:wheel. :)

actually if you keep some fake MD5 strings in $FTPROOT/etc/passwd it would
be a nice trap for all wannabe's (and also will point out totally stupid
clients ;-)

Cheers,
Domas

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message