
Re: User's and Shells

From: Zow <zow(at)llnl.gov>
Date: Fri Dec 27 2002 - 11:03:21 EST


> > Humm. . . On my Mandrake 9.0 box, the rpm user's shell is set to

I'm sorry -- I wasn't precise enough in my choice of words. By "safely", I meant with respect to the intended functionality of the system, not necessarily the security of the system. And you're absolutely right: having /bin/false there doesn't provide any guarantee of security. It will, however, aid in protecting against using the account with a default password that was unintentionally left on the system, or a brute-force attack against that account. Problems with /bin/false aside, if an attacker can run arbitrary code as a given user, it doesn't matter what shell (if any) that user is assigned in /etc/passwd: the attacker can just exec whatever shell they want.

Terry

#include <disclaimer>

Received on Sat Dec 28 01:45:22 2002
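Added example, not part of the message above or of the original thread: an audit that lists non-root system accounts whose password is still usable, separating those where a non-login shell such as /bin/false is the only remaining barrier from those that also have a login shell. The sample passwd/shadow entries are constructed, and the system-UID ceiling of 499 and the list of non-login shells are assumptions.

```shell
#!/bin/sh
# Constructed sample data in passwd(5) / shadow(5) layout; hashes are placeholders.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
rpm:x:13:101:system user for rpm:/var/lib/rpm:/bin/false
ftp:x:14:50:FTP user:/var/ftp:/bin/sh
games:x:12:100:games:/usr/games:/bin/sh
terry:x:501:501:Terry:/home/terry:/bin/bash'
SAMPLE_SHADOW='root:$1$constructed$hash:12000:0:99999:7:::
rpm:$1$constructed$hash:12000:0:99999:7:::
ftp:*:12000:0:99999:7:::
games:$1$constructed$hash:12000:0:99999:7:::
terry:$1$constructed$hash:12000:0:99999:7:::'

# audit_system_accounts PASSWD_TEXT SHADOW_TEXT [MAX_SYSTEM_UID]
# Prints "SEVERITY user shell" for each non-root system account whose
# password field is still usable (not locked with a leading ! or *).
#   HIGH   = usable password and a login shell
#   MEDIUM = usable password; the non-login shell is the only barrier
# MAX_SYSTEM_UID defaults to 499, an assumption; distributions differ.
audit_system_accounts() {
    max_uid="${3:-499}"
    { printf '%s\n' "$2"; echo '---'; printf '%s\n' "$1"; } |
    awk -F: -v max="$max_uid" '
        BEGIN {
            # Assumed list of shells that refuse interactive login.
            nologin["/bin/false"] = 1
            nologin["/sbin/nologin"] = 1
            nologin["/usr/sbin/nologin"] = 1
        }
        $0 == "---" { in_passwd = 1; next }   # shadow lines above, passwd lines below
        !in_passwd  { pw[$1] = $2; next }     # remember each shadow password field
        ($3 + 0) == 0 || ($3 + 0) > (max + 0) { next }   # skip root and ordinary users
        !($1 in pw) { next }                  # no shadow entry: cannot judge
        {
            first = substr(pw[$1], 1, 1)
            if (first == "!" || first == "*") next   # locked: password login refused
            shell = ($7 == "") ? "/bin/sh" : $7      # empty shell field means /bin/sh
            sev = (shell in nologin) ? "MEDIUM" : "HIGH"
            print sev, $1, shell
        }'
}

audit_system_accounts "$SAMPLE_PASSWD" "$SAMPLE_SHADOW"
```

On a live system the same function can be fed the real files as root: `audit_system_accounts "$(cat /etc/passwd)" "$(cat /etc/shadow)"`.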

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:19 EDT

