Date: Tue, 18 Jun 2002 16:08:56 -0400 (EDT) From: Alex Michlin <alex@delete.org> To: Eric F Crist <ecrist@adtechintegrated.com> Cc: freebsd-security@FreeBSD.ORG Subject: RE: Disable Login Message-ID: <Pine.BSF.4.40.0206181604280.6845-100000@krypton.delete.org> In-Reply-To: <001c01c21700$664e94e0$77fe180c@armageddon>
next in thread | previous in thread | raw e-mail | index | archive | help
I remember seeing a FreeBSD advisory on a bug in login. Now, for the real story... What is behind this is: I just downloaded the latest Saint version and ran it against a server. It said there login was vunerable. I'm not sure how it knows if there is a bug or just information (but it is listed under the critical section). Thanks again, Alex On Tue, 18 Jun 2002, Eric F Crist wrote: > What kind of a bug in login are you seeing? If you completely disable > the login utility, you would not be able to logon locally, which could > make an upgrade difficult. If you simply want to disable logon for > specific users, simply set their shell to /etc/nologin or some other > non-existent file/shell. > > HTH > > Eric F Crist > President/Sys Admin > AdTech Integrated Systems, Inc > http://www.adtechintegrated.com > > > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Alex Michlin > Sent: Tuesday, June 18, 2002 2:23 PM > To: freebsd-security@FreeBSD.ORG > Subject: Disable Login > > I have a FreeBSD 4.2 server with a bug in login. I cannot reboot the > server to upgrade the os (make world...). As a temporary fix, can I > chmod > 000 logon or possibly even remove it completely? Should everything > function correctly? (OpenSSH mainly)? > > TIA, > > Alex > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.40.0206181604280.6845-100000>