From owner-freebsd-security Fri Jan 4 6:52: 4 2002 Delivered-To: freebsd-security@freebsd.org Received: from pkl.net (spoon.pkl.net [212.111.57.14]) by hub.freebsd.org (Postfix) with ESMTP id 41FD637B41C for ; Fri, 4 Jan 2002 06:51:59 -0800 (PST) Received: (from rik@localhost) by pkl.net (8.9.3/8.9.3) id OAA15905; Fri, 4 Jan 2002 14:51:54 GMT Date: Fri, 4 Jan 2002 14:51:54 +0000 From: Rik To: =?iso-8859-1?Q?=E4=CD=C9=D4=D2=C9=CA_=F0=CF=C4=CB=CF=D2=D9=D4=CF=D7?= Cc: freebsd-security@FreeBSD.ORG Subject: Re: nologin hole? Message-ID: <20020104145154.A15764@spoon.pkl.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: ; from podkorytov@mail.ru on Fri, Jan 04, 2002 at 07:18:55AM +0300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Jan 04, 2002 at 07:18:55AM +0300, Дмитрий Подкорытов wrote: > Maybe this result my paranoya. ;-) > And maybe not. Very posible You can extract use from this. > In Free BSD I'am found, that user with disabled terminal entering has login > shell named 'nologin'. So use /bin/false instead then. Or /bin/date, etc. Or write your own, as was suggested. -- PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org Key fingerprint = 5EB1 4C63 9FAD D87B 854C 3DED 1408 ED77 D272 9A3F Public key also encoded with outguess on http://rikrose.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message