in reply to Re: Using Unix passwd/shadow to authenticate in perl
in thread Using Unix passwd/shadow to authenticate in perl

I don't think you quite understand what I suggested. If you already have FTP enabled (and on 7.2 that's default) why not use it for authentication?

Well, you do run another program with special permissions, and it's called 'ftpd'. Not something I recommend to solve this problem.

So we should all turn off FTP on our servers?
You're not running ftpd with some special permissions, you're actually attempting to log in to ftp localhost.

I'm not saying this is the best method, but it is a perfectly acceptable solution for the Linux world where scripts and other programs are the building blocks for you to use.

ronzo

Re: Re: Re: Using Unix passwd/shadow to authenticate in perl
by bennomatic (Initiate) on Sep 26, 2003 at 21:48 UTC
    I don't think you quite understand what I suggested. If you already have FTP enabled (and on 7.2 that's default) why not use it for authentication?

    Actually, I've turned off the default (wu-ftpd) FTP daemon because it had some security holes that caused me to get hax0rd by some script kiddies some time ago. I replaced it with VSFTPd which, by all accounts, is supposed to be as bullet-proof as people's passwords. Yeah, that's still a weak point, but it's better than letting anyone with a pre-configured hax0r script break in without even thinking about it.

    But since I am running *an* ftpd, I may as well use it!

Re: Using Unix passwd/shadow to authenticate in perl
by Abigail-II (Bishop) on Sep 26, 2003 at 17:29 UTC
    So we should all turn off FTP on our servers?
    Yes! Any smart sysadmin will turn off FTP services, especially non-anonymous FTP services.
    You're not running ftpd with some special permissions, you're actually attempting to log in to ftp localhost.

    To be able to do that, you got to have something running on the FTP port. That something, which is often called ftpd, has got to read /etc/system. To be able to do so, that something needs special (UID = 0) permissions.

    Abigail