Hi Arto, Arto Jonsson wrote on Sun, Mar 23, 2014 at 08:09:02PM +0200:
> Or should this check removed completely? Yes, and Gleydson Soares has Andrew's and my OK for removing check_ftpusers() completely. I don't think checking for "nobody" is needed. Hopefully, "nobody" will have no password set up, anyway. Yours, Ingo > Index: security > =================================================================== > RCS file: /cvs/src/libexec/security/security,v > retrieving revision 1.23 > diff -u -p -r1.23 security > --- security 21 Mar 2013 09:37:37 -0000 1.23 > +++ security 23 Mar 2014 18:07:11 -0000 > @@ -287,11 +287,11 @@ sub check_ksh { > } > } > > -# Root and uucp should both be in /etc/ftpusers. > +# nobody should be in /etc/ftpusers. > sub check_ftpusers { > my $filename = '/etc/ftpusers'; > nag !(open my $fh, '<', $filename), "open: $filename: $!" and return; > - my %banned = qw(root 1 uucp 1); > + my %banned = qw(nobody 1); > while (<$fh>) { > chomp; > delete $banned{$_}; >