Date: Tue, 14 Jul 1998 12:52:27 -0700 (PDT) From: Tom <tom@uniserve.com> To: Paulo Fragoso <paulo@nlink.com.br> Cc: Wes Peters <wes@softweyr.com>, jer@jorsm.com, freebsd-stable@FreeBSD.ORG Subject: Re: Finger and getpwent Message-ID: <Pine.BSF.3.96.980714125053.9463D-100000@shell.uniserve.ca> In-Reply-To: <Pine.BSF.3.96.980714150044.15666E-100000@mirage.nlink.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 14 Jul 1998, Paulo Fragoso wrote: > > > A *somewhat* better solution is to use my nologin program, which logs > > > attempts to login to disabled accounts via syslog. You can retrieve > > > > Except that nologin just stops shell logins, not all password > > authentication. So POP, IMAP, some FTP, RADIUS, all suceed. Munging the > > password field is better. Attempts to access disabled accounts is logged > > as well, as will all incorrect passwords. > > > > Because this I can't use "nologin" shells. I'm using "*" in initial > password string insted "#" in the beginning of line. > > I would like in future to use "#" in the beginning of the line. Because > it's more visualy :-) It also has a very different effect. Munging the password field by adding a "*" simply disables all authentiction, but the user still exists. This means that mail is still received. If the user is commented out, the user ceases to exist, and mail bounces. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980714125053.9463D-100000>