A member of the proftpd mailing list and myself discovered a problem with proftpd with mod_sqlpw.c optional module compiled in. Unix last command reveals passwords where the username should be. A patch was sent to the mailing list, however, the patch only protects ftp localhost not ftp remotehost. Johnie Ingram (Author of mod_sqlpw.c) was notified, as well as, the rest of the mailing list. I suggest the following work around: <Global> Wtemplog off </Global> Wtmplog details below: WtmpLog Syntax: WtmpLog on|off|NONE Default: WtmpLog on Context: server config, <VirtualHost>, <Anonymous>, <Global> Compatibility: 1.1.7 and later The WtmpLog directive controls proftpd's logging of ftp connections to the host system's wtmp file (used by such commands as `last'). By default, all connections are logged via wtmp. _Todd
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:13:23 PDT