Casinos Not On Gamstop Non Gamstop Casinos Casinos Not On Gamstop Online Casinos UK Non Gamstop Casino
1st Jan 1996 [SBWID-204]
COMMAND
	    sysinstall
SYSTEMS AFFECTED
	    FreeBSD 2.1, 2.1.5, 2.1.6, 2.1.7, 2.2 and 2.2.1.
PROBLEM
	    Sysinstall is used both for fresh installations of FreeBSD as well
	    as post installation updates, like installing packages from  CDROM
	    or ftp sites.
	    One of the port installation  options in sysinstall is to  install
	    an anonymous ftp setup  on the system. In  such a setup, an  extra
	    user  needs  to  be  created  on  the system, with username 'ftp'.
	    This user is  created with the  shell equal to  '/bin/date' and an
	    empty  password.   Under  some  circumstances,  this  will   allow
	    unauthorized access of system resources.
SOLUTION
	    This is corrected in all versions as of 1997-04-01. This  includes
	    the installation floppies for FreeBSD 2.2.1 found on:
	
	        ftp://ftp.FreeBSD.org/pub/FreeBSD/2.2.1-RELEASE/floppies/newer/
	
	    Also the CDROM of FreeBSD 2.2.1 has this problem corrected.
	    You can also change the entry of the ftp user such that is has  an
	    invalid  password  and  an  invalid  shell.  This  can  be done by
	    becoming the superuser, and use  the vipw command. Go to  the line
	    that starts with ftp::  and  change ftp:: to ftp:*:  Also  change,
	    on the same line, the shell from /bin/date to /nonexistent.
	    If you  have not  yet used  sysinstall to  create an anonymous ftp
	    setup, but  are planning  to, please  apply one  of the  following
	    patches:
	    Patch for FreeBSD 2.1.5, 2.1.6, 2.2 and 2.2.1:
	
	    --- anonFTP.c       1996/04/28 03:26:42     1.14
	    +++ anonFTP.c       1997/04/07 17:20:16
	    @@ -195,7 +195,7 @@
	        return (DITEM_SUCCESS);         /* succeeds if already exists */
	        }
	    -    sprintf(pwline, "%s::%s:%d::0:0:%s:%s:/bin/date\n", FTP_NAME, tconf.uid, gid, tconf.comment, tconf.homedir);
	    +    sprintf(pwline, "%s:*:%s:%d::0:0:%s:%s:/nonexistent\n", FTP_NAME, tconf.uid, gid, tconf.comment, tconf.homedir);
	        fptr = fopen(_PATH_MASTERPASSWD,"a");
	        if (! fptr) {
	
	    Patch for FreeBSD 2.1:
	
	    --- anonFTP.c       1995/11/12 07:27:55     1.6
	    +++ anonFTP.c       1997/04/03 19:29:21
	    @@ -201,7 +201,7 @@
	         return (RET_SUCCESS);  /* succeeds if already exists */
	        }
	    -   sprintf(pwline, "%s::%s:%d::0:0:%s:%s:/bin/date\n", FTP_NAME, tconf.uid, gid, tconf.comment, tconf.homedir);
	    +   sprintf(pwline, "%s:*:%s:%d::0:0:%s:%s:/nonexistent\n", FTP_NAME, tconf.uid, gid, tconf.comment, tconf.homedir);
	        fptr = fopen(_PATH_MASTERPASSWD,"a");
	        if (! fptr) {
Internet highlights

Casino Not On Gamstop