Date: Tue, 11 Feb 1997 01:20:44 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: hackers@freebsd.org Subject: Re: 'nologin' program for disabling user accounts Message-ID: <Mutt.19970211012044.j@uriah.heep.sax.de> In-Reply-To: <199702102140.OAA05879@xmission.xmission.com>; from Softweyr LLC on Feb 10, 1997 14:40:29 -0700 References: <Pine.NEB.3.94.970209144949.29838A-100000@misery.sdf.com> <199702102140.OAA05879@xmission.xmission.com>
next in thread | previous in thread | raw e-mail | index | archive | help
As Softweyr LLC wrote: > Security and logging. The BSD4.4 nologin program is a shell script, > which is rarely a good idea to use for a login shell due to the ability > of the user to INTR and get a shell, if he's fast enough. No, he can't. If he interrupts it, he's logged off again, since he killed his login `shell'. > Also, the > standard nologin.sh doesn't log the attempted access, which means the > system administrator doesn't know that somebody has been trying to use > the disabled account. But that's easy to add (and probably a useful addition anyway), since there's always logger(1). The only known security pitfall for a #!/bin/sh executable as a login shell is that you can export ENV to /etc/shells in a telnet session. In this case, the shells there will be executed, but it goes into a $ENV loop until the user runs out of processes. This has been fixed later by merging the -p option idea from ksh, and using this option in /sbin/nologin. I've just asked the 2.1.x maintainers to merge this change, too. -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19970211012044.j>