Re: full disclosure

[nms () hacksaw rutgers edu (Doug Siebert)]

> From: morgan () engr uky edu (Wes Morgan)
...text removed...
> ObBug: As shipped, AT&T SVR4 3.1 for the StarServer E creates logfiles
>         /tmp/rlogind and /tmp/ftpd.  The rlogind logfile is harmless
>         enough, but the ftpd logfile includes userids and passwords. By
>         default, the files are world readable.
>
> Workaround: I could never find a patch from NCR/ATT.  I created an
>              empty /tmp/ftpd during boot, protecting it at 600.  This
>              does not prevent entries from being made, but it does keep
>              the information (relatively) private.
>
> --Wes

   Your solution uses the fact that an existing /tmp/ftpd file is appended
to if it already exists.  Using this info a better way would be to edit
the binary and replace the /tmp/ftpd string with /dev/null.  After editing
don't forget to update your cryptographic checksum database.

-nms