Date: Thu, 13 Mar 1997 04:48:57 -0800 (PST) From: phillip@pm.cse.rmit.edu.au To: freebsd-gnats-submit@freebsd.org Subject: docs/2978: "man 5 passwd" suggests use of a shell script for (INSECURE) messaging Message-ID: <199703131248.EAA25660@freefall.freebsd.org> Resent-Message-ID: <199703131250.EAA25709@freefall.freebsd.org>
index | next in thread | raw e-mail
>Number: 2978
>Category: docs
>Synopsis: "man 5 passwd" suggests use of a shell script for (INSECURE) messaging
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Mar 13 04:50:01 PST 1997
>Last-Modified:
>Originator: Phillip Musumeci
>Organization:
RMIT Computer Systems Eng. Dept.
>Release: 3.0 SNAP (January 1997), 2.1.5R, 2.1.6R
>Environment:
3.0-970114-SNAP
>Description:
shells remapped and therefore be denied access. All other NIS password
records will be ignored. The administrator may add a wildcard entry to
the end of the list such as:
+:::::::::/usr/local/bin/go_away
<snip>
/usr/local/bin/go_away can be a short shell or program...
>How-To-Repeat:
man 5 passwd
>Fix:
We should not suggest that a shell script be run for users that
we are trying to STOP being able to use a system. A nasty user
might attempt to suspend the shell script before it terminated
(or executed some trap commands to handle being suspended) and
so STILL LOG IN.
>Audit-Trail:
>Unformatted:
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703131248.EAA25660>