From owner-freebsd-bugs Thu Mar 13 04:50:05 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id EAA25715 for bugs-outgoing; Thu, 13 Mar 1997 04:50:05 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id EAA25709; Thu, 13 Mar 1997 04:50:02 -0800 (PST) Resent-Date: Thu, 13 Mar 1997 04:50:02 -0800 (PST) Resent-Message-Id: <199703131250.EAA25709@freefall.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-bugs Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, Received:(from nobody@localhost) by.freefall.freebsd.org.id.EAA25660;Thu; (8.8.5/8.8.5);, 13 Mar 1997 04:48:57.-0800 (PST) Message-Id: <199703131248.EAA25660@freefall.freebsd.org> Date: Thu, 13 Mar 1997 04:48:57 -0800 (PST) From: phillip@pm.cse.rmit.edu.au To: freebsd-gnats-submit@freebsd.org X-Send-Pr-Version: www-1.0 Subject: docs/2978: "man 5 passwd" suggests use of a shell script for (INSECURE) messaging Sender: owner-bugs@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >Number: 2978 >Category: docs >Synopsis: "man 5 passwd" suggests use of a shell script for (INSECURE) messaging >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Thu Mar 13 04:50:01 PST 1997 >Last-Modified: >Originator: Phillip Musumeci >Organization: RMIT Computer Systems Eng. Dept. >Release: 3.0 SNAP (January 1997), 2.1.5R, 2.1.6R >Environment: 3.0-970114-SNAP >Description: shells remapped and therefore be denied access. All other NIS password records will be ignored. The administrator may add a wildcard entry to the end of the list such as: +:::::::::/usr/local/bin/go_away /usr/local/bin/go_away can be a short shell or program... >How-To-Repeat: man 5 passwd >Fix: We should not suggest that a shell script be run for users that we are trying to STOP being able to use a system. A nasty user might attempt to suspend the shell script before it terminated (or executed some trap commands to handle being suspended) and so STILL LOG IN. >Audit-Trail: >Unformatted: