Date: Fri, 04 Jan 2002 07:41:17 -0800 From: Greg Shenaut <greg@bogslab.ucdavis.edu> To: security@FreeBSD.ORG Subject: Re: nologin hole? Message-ID: <200201041541.g04FfHW79473@thistle.bogs.org> In-Reply-To: Your message of "Fri, 04 Jan 2002 14:51:54 GMT." <20020104145154.A15764@spoon.pkl.net>
index | next in thread | previous in thread | raw e-mail
In message <20020104145154.A15764@spoon.pkl.net>, Rik cleopede: >On Fri, Jan 04, 2002 at 07:18:55AM +0300, Дмитрий Подкорытов wrote: >> Maybe this result my paranoya. ;-) >> And maybe not. Very posible You can extract use from this. >> In Free BSD I'am found, that user with disabled terminal entering has login >> shell named 'nologin'. > >So use /bin/false instead then. Or /bin/date, etc. Or write your own, as >was suggested. What is the downside either of using a completely nonexistent shell, such as "/bin/sh/nologin", or of using just the string "nologin", but treating it as a special case so that no shell is started at all? Greg Shenaut To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201041541.g04FfHW79473>