From owner-freebsd-security  Tue Jun 18 13:19:41 2002
Delivered-To: freebsd-security@freebsd.org
Received: from krypton.delete.org (krypton.delete.org [209.15.179.208])
	by hub.freebsd.org (Postfix) with ESMTP id B43F037B40B
	for <freebsd-security@FreeBSD.ORG>; Tue, 18 Jun 2002 13:19:33 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by krypton.delete.org (Postfix) with ESMTP
	id B89272C942F; Tue, 18 Jun 2002 16:08:57 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
	by krypton.delete.org (Postfix) with ESMTP
	id C1D1B2C942E; Tue, 18 Jun 2002 16:08:56 -0400 (EDT)
Date: Tue, 18 Jun 2002 16:08:56 -0400 (EDT)
From: Alex Michlin <alex@delete.org>
To: Eric F Crist <ecrist@adtechintegrated.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: RE: Disable Login
In-Reply-To: <001c01c21700$664e94e0$77fe180c@armageddon>
Message-ID: <Pine.BSF.4.40.0206181604280.6845-100000@krypton.delete.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by AMaViS snapshot-20010714
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

I remember seeing a FreeBSD advisory on a bug in login.  Now, for the
real story... What is behind this is: I just downloaded the latest Saint
version and ran it against a server.  It said there login was vunerable.
I'm not sure how it knows if there is a bug or just information (but it is
listed under the critical section).

Thanks again,

Alex

On Tue, 18 Jun 2002, Eric F Crist wrote:

> What kind of a bug in login are you seeing?  If you completely disable
> the login utility, you would not be able to logon locally, which could
> make an upgrade difficult.  If you simply want to disable logon for
> specific users, simply set their shell to /etc/nologin or some other
> non-existent file/shell.
>
> HTH
>
> Eric F Crist
> President/Sys Admin
> AdTech Integrated Systems, Inc
> http://www.adtechintegrated.com
>
>
> -----Original Message-----
> From: owner-freebsd-security@FreeBSD.ORG
> [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Alex Michlin
> Sent: Tuesday, June 18, 2002 2:23 PM
> To: freebsd-security@FreeBSD.ORG
> Subject: Disable Login
>
> I have a FreeBSD 4.2 server with a bug in login.  I cannot reboot the
> server to upgrade the os (make world...).  As a temporary fix, can I
> chmod
> 000 logon or possibly even remove it completely?  Should everything
> function correctly? (OpenSSH mainly)?
>
> TIA,
>
> Alex
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message