Date: 23 Aug 1995 04:23:09 +0800 From: peter@haywire.dialix.com (Peter Wemm) To: freebsd-questions@freebsd.org Subject: Re: Account expiration bug or feature? Message-ID: <41debd$69i$1@haywire.DIALix.COM> References: <199508212314.QAA01813@wsantee.oz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
wsantee@wsantee.oz.net (Wes Santee) writes: >I noticed that when automatic account expiration goes into effect, the >users default shell isn't changed. That in and of itself is okay >because they are still denied access when trying to telnet in. >However, this still allows the user to ftp into the system because >(I'm assuming) ftpd see's a valid shell and doesn't pay attention to >the account expiration date. >Is the fact that the user can still get ftp access to system after >their account has expired considered a bug or a feature? Hmm.. Perhaps a hook in getpwent() and friends? If the account is expired, perhaps return a fake pw_shell? Of course, extreme care would need to be taken to ensure that the fake shell was not mistakenly copied back to the password file.. -Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41debd$69i$1>