From owner-freebsd-security Fri Mar 31 5:19:48 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.euroweb.hu (mail.euroweb.hu [193.226.220.4]) by hub.freebsd.org (Postfix) with ESMTP id 66CBB37B50C for ; Fri, 31 Mar 2000 05:19:45 -0800 (PST) (envelope-from hu006co@mail.euroweb.hu) Received: (from hu006co@localhost) by mail.euroweb.hu (8.8.5/8.8.5) id PAA28803; Fri, 31 Mar 2000 15:19:41 +0200 (MET DST) Received: (from zgabor@localhost) by CoDe.hu (8.9.3/8.8.8) id PAA00755; Fri, 31 Mar 2000 15:03:20 +0200 (CEST) (envelope-from zgabor) From: Zahemszky Gabor Message-Id: <200003311303.PAA00755@CoDe.hu> Subject: Re: pamd with logons In-Reply-To: from Alex Michlin at "Mar 27, 0 10:54:38 pm" To: freebsd-security@freebsd.org Date: Fri, 31 Mar 2000 15:03:20 +0200 (CEST) Cc: alex@delete.org X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > How can I specify in pamd to deny all logons except for a select few? > I've seen in the past someone adding a user account using a ftp exploit. I > want to deny all logons except for my uid? It's not pamd (by the way, in BSD-land, it's only PAM), but normal login: man login.conf, eg. nologin, or shell=/usr/bin/false, etc. ZGabor at CoDe dot HU -- #!/bin/ksh Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message