Date: Wed, 10 May 2000 05:52:46 -0700 From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> To: Peter van Dijk <petervd@vuurwerk.nl> Cc: security@FreeBSD.ORG Subject: Re: envy.vuurwerk.nl daily run output Message-ID: <3.0.5.32.20000510055246.009b9100@infidel.boolean.net> In-Reply-To: <20000510140053.G46065@vuurwerk.nl> References: <20000509215515.B29766@cc942873-a.ewndsr1.nj.home.com> <20000509150609.L42267@vuurwerk.nl> <20000509215515.B29766@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 02:00 PM 5/10/00 +0200, Peter van Dijk wrote: >On Tue, May 09, 2000 at 09:55:16PM -0400, Crist J. Clark wrote: >> On Tue, May 09, 2000 at 03:06:09PM +0200, Peter van Dijk wrote: >> > [snip] >> > >> > Backup passwd and group files: >> > envy.vuurwerk.nl passwd diffs: >> > 3c3 >> > < root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/bash >> > --- >> > > root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/bash >> > [snip] Actually, the use of "password" could mask a change... consider < root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/bash --- > root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/tcsh The admin would likely assume only the shell has changed even though password may have changed. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.20000510055246.009b9100>