From owner-freebsd-security Wed May 10 5:55:23 2000 Delivered-To: freebsd-security@freebsd.org Received: from vuurwerk.nl (envy.vuurwerk.nl [194.178.232.112]) by hub.freebsd.org (Postfix) with SMTP id 8C7A437B5C5 for ; Wed, 10 May 2000 05:55:15 -0700 (PDT) (envelope-from petervd@vuurwerk.nl) Received: (qmail 15365 invoked from network); 10 May 2000 12:55:08 -0000 Received: from kesteren.vuurwerk.nl (HELO vuurwerk.nl) (194.178.232.59) by envy.vuurwerk.nl with SMTP; 10 May 2000 12:55:08 -0000 Received: (qmail 47366 invoked by uid 11109); 10 May 2000 12:55:08 -0000 Mail-Followup-To: security@FreeBSD.ORG Date: Wed, 10 May 2000 14:55:08 +0200 From: Peter van Dijk To: security@FreeBSD.ORG Subject: Re: envy.vuurwerk.nl daily run output Message-ID: <20000510145508.M46065@vuurwerk.nl> References: <20000509215515.B29766@cc942873-a.ewndsr1.nj.home.com> <20000509150609.L42267@vuurwerk.nl> <20000509215515.B29766@cc942873-a.ewndsr1.nj.home.com> <20000510140053.G46065@vuurwerk.nl> <3.0.5.32.20000510055246.009b9100@infidel.boolean.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <3.0.5.32.20000510055246.009b9100@infidel.boolean.net>; from Kurt@OpenLDAP.org on Wed, May 10, 2000 at 05:52:46AM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, May 10, 2000 at 05:52:46AM -0700, Kurt D. Zeilenga wrote: > At 02:00 PM 5/10/00 +0200, Peter van Dijk wrote: > >On Tue, May 09, 2000 at 09:55:16PM -0400, Crist J. Clark wrote: > >> On Tue, May 09, 2000 at 03:06:09PM +0200, Peter van Dijk wrote: > >> > [snip] > >> > > >> > Backup passwd and group files: > >> > envy.vuurwerk.nl passwd diffs: > >> > 3c3 > >> > < root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/bash > >> > --- > >> > > root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/bash > >> > [snip] > > Actually, the use of "password" could mask a change... consider > > < root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/bash > --- > > root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/tcsh > > The admin would likely assume only the shell has changed even > though password may have changed. Now _there_ is a good point. We need password1/password2 for security. Damn. Greetz, Peter. -- Powered by WUT? - Peter van Dijk [student:sysadmin:developer:madly in love] | `Yes, this was actually a hack and not | (petervd@|www.)vuurwerk.nl | a scritp kiddie clicking a mouse button.' | www.dataloss.net | - hackernews.com, commenting on the apache.org deface To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message