Re: /etc/pwd.db

From: Domas Mituzas (
Date: 03/02/01

Date: Fri, 2 Mar 2001 12:14:05 +0200 (EET)
From: Domas Mituzas <>
To: Matt Heckaman <matt@LUCIDA.CA>

> Better yet: pwd.db doesn't even contain any passwords! It's the functional
> equiv. of /etc/passwd. spwd.db contains the real passwords and is mode
> 0600 root:wheel. :)

actually if you keep some fake MD5 strings in $FTPROOT/etc/passwd it would
be a nice trap for all wannabe's (and also will point out totally stupid
clients ;-)


To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message