Subject: bin/1571: ftpd should use LOG_AUTHPRIV when logging failed logins
To: None <gnats-bugs@gnats.netbsd.org>
From: None <jarle@idt.unit.no>
List: netbsd-bugs
Date: 10/04/1995 16:13:32
>Number:         1571
>Category:       bin
>Synopsis:       ftpd should use LOG_AUTHPRIV when logging failed logins
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Thu Oct  5 22:20:10 1995
>Last-Modified:
>Originator:     Jarle Greipsland
>Organization:
Confidential Softwar Foundation
	
>Release:        01.10.95
>Environment:
	
System: NetBSD darling.idt.unit.no 1.0A NetBSD 1.0A (DARLING) #7: Mon Oct 2 22:45:19 MET 1995 jarle@darling.idt.unit.no:/usr/src/sys/arch/i386/compile/DARLING i386


>Description:
The current ftpd uses LOG_NOTICE and the default facility of LOG_FTP even
when it's logging user names on failed login attempts.  This implies that
whatever is specified as the username will get logged into whatever file
LOG_FTP|LOG_NOTICE goes into.  Users who mistakenly give their passwd as
the login name will have their passwd logged for all(?) to see.  I am of
the opinion that failed login attempts should be logged with the
LOG_AUTHPRIV facility.

	
>How-To-Repeat:
'Fail' a login attempt with ftp, and then search whatever log file(s) ftpd
logs to for your username.
	
>Fix:

*** ftpd.c.orig	Wed Oct  4 15:31:41 1995
--- ftpd.c	Wed Oct  4 15:36:39 1995
***************
*** 455,462 ****
  		if (cp == NULL || checkuser(_PATH_FTPUSERS, name)) {
  			reply(530, "User %s access denied.", name);
! 			if (logging)
  				syslog(LOG_NOTICE,
  				    "FTP LOGIN REFUSED FROM %s, %s",
  				    remotehost, name);
  			pw = (struct passwd *) NULL;
  			return;
--- 455,465 ----
  		if (cp == NULL || checkuser(_PATH_FTPUSERS, name)) {
  			reply(530, "User %s access denied.", name);
! 			if (logging) {
  				syslog(LOG_NOTICE,
+ 				    "FTP LOGIN REFUSED FROM %s", remotehost);
+ 				syslog(LOG_AUTHPRIV|LOG_NOTICE,
  				    "FTP LOGIN REFUSED FROM %s, %s",
  				    remotehost, name);
+ 			}
  			pw = (struct passwd *) NULL;
  			return;
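Review bot: the LOG_AUTHPRIV line only keeps the name out of public view if /etc/syslog.conf actually routes authpriv.* to a file that is not world-readable; the hunk leaves that routing to the administrator, so the change should say so (in the report or the ftpd documentation), otherwise the second syslog() call just duplicates the leak into another file. A smaller point: the two lines emitted here differ only by the trailing ", %s", so a reader of the LOG_FTP file cannot tell that the name was deliberately withheld; wording the redacted line differently, for example "FTP LOGIN REFUSED FROM %s (name in authpriv)", makes the split self-explaining and keeps the two streams correlatable.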
***************
*** 575,582 ****
  		if (rval) {
  			reply(530, "Login incorrect.");
! 			if (logging)
  				syslog(LOG_NOTICE,
  				    "FTP LOGIN FAILED FROM %s, %s",
  				    remotehost, curname);
  			pw = NULL;
  			if (login_attempts++ >= 5) {
--- 578,588 ----
  		if (rval) {
  			reply(530, "Login incorrect.");
! 			if (logging) {
  				syslog(LOG_NOTICE,
+ 				    "FTP LOGIN FAILED FROM %s", remotehost);
+ 				syslog(LOG_AUTHPRIV|LOG_NOTICE,
  				    "FTP LOGIN FAILED FROM %s, %s",
  				    remotehost, curname);
+ 			}
  			pw = NULL;
  			if (login_attempts++ >= 5) {
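Review bot: the repeated-failures branch that begins at `if (login_attempts++ >= 5) {` immediately below this hunk is not touched; if it logs curname as well (the hunk does not show its body, so this needs checking), the fifth mistyped password still lands in the LOG_FTP file and that syslog() call needs the same split. Also consider whether the LOG_AUTHPRIV|LOG_NOTICE call should sit inside `if (logging)` at all: the redacted LOG_FTP line is reasonably gated on the logging flag, but an authentication failure is worth recording in the auth log regardless of whether general ftp logging was turned on.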

						-jarle
-- 
"The Circus Theory of Project Management: If you have too many balls in
 the air, throw one to some other clown..."
                                        -- arch@cisco.com
>Audit-Trail:
>Unformatted:
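A site that has been running the unpatched ftpd will want to know whether passwords have already ended up in its world-readable ftp log. The following script is an added example, not part of the bug report or of NetBSD: it scans ftpd "FTP LOGIN FAILED/REFUSED" lines for a logged user name that does not correspond to any local account, which is the tell-tale of a user who typed their password into the name prompt. The log lines and the account list are constructed for the example; the "ftpd[pid]: " prefix is assumed to be what syslogd prepends to the messages shown in the patch.

```python
"""Audit a world-readable ftpd log for failed-login entries whose
"user name" is not a local account and may therefore be a password.

Added example; not code from the NetBSD ftpd or from the bug report.
"""
import re

# Shape of the lines produced by the syslog() calls shown in the patch,
# as written to a file by syslogd.  The ", name" suffix is optional so
# that the redacted (post-patch) LOG_FTP line is parsed as well.
FAILED_RE = re.compile(
    r"ftpd\[\d+\]: FTP LOGIN (?P<kind>FAILED|REFUSED) FROM "
    r"(?P<host>[^\s,]+)(?:, (?P<name>.*))?$"
)

# Constructed sample of a LOG_FTP file (not real log data).  The second
# and fifth lines show what a mistyped password looks like in the log;
# the fourth line is the redacted form the patch emits.
SAMPLE_FTP_LOG = """\
Oct  4 15:40:01 darling ftpd[1201]: FTP LOGIN FAILED FROM mars.example.net, jarle
Oct  4 15:40:09 darling ftpd[1201]: FTP LOGIN FAILED FROM mars.example.net, Tr0ub4dor&3
Oct  4 15:41:30 darling ftpd[1207]: FTP LOGIN REFUSED FROM venus.example.net, root
Oct  4 15:42:02 darling ftpd[1210]: FTP LOGIN FAILED FROM mars.example.net
Oct  4 15:42:02 darling ftpd[1210]: FTP LOGIN FAILED FROM mars.example.net, hunter2
Oct  4 15:43:11 darling ftpd[1215]: connection from pluto.example.net
"""

# Constructed stand-in for the local account database (what one would
# get from getpwent() or by reading /etc/passwd on the real system).
LOCAL_ACCOUNTS = {"root", "jarle", "ftp", "operator"}


def parse_failures(log_text):
    """Return one dict per failed/refused login line.

    'name' is None for lines that carry no user name (the redacted
    LOG_FTP line produced by the patched ftpd).
    """
    entries = []
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m is None:
            continue
        entries.append({
            "kind": m.group("kind"),
            "host": m.group("host"),
            "name": m.group("name"),
        })
    return entries


def suspicious_names(log_text, accounts):
    """(host, name) pairs whose logged name is not a known account.

    A name that matches no local account is most likely something the
    user did not mean to send as a login name, typically a password.
    """
    return [
        (e["host"], e["name"])
        for e in parse_failures(log_text)
        if e["name"] is not None and e["name"] not in accounts
    ]


def summarize(log_text, accounts):
    """Counts a sysadmin would report after auditing the log."""
    entries = parse_failures(log_text)
    return {
        "failures": len(entries),
        "with_name": sum(e["name"] is not None for e in entries),
        "suspect": len(suspicious_names(log_text, accounts)),
    }


if __name__ == "__main__":
    for host, name in suspicious_names(SAMPLE_FTP_LOG, LOCAL_ACCOUNTS):
        # Print the source host only; the point of the audit is to find
        # the leaked strings, not to copy them into yet another file.
        print("possible password logged for a login attempt from", host)
    print(summarize(SAMPLE_FTP_LOG, LOCAL_ACCOUNTS))
```

The membership test against the account list is a heuristic: a typo in a real user name is flagged too, and a password that happens to equal some account name is missed. That is acceptable for a one-off audit whose purpose is to decide which users to tell to change their password and whether the old log file needs to be scrubbed or its permissions tightened.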