From owner-freebsd-security Thu Nov 16 1:21: 1 2000
Delivered-To: freebsd-security@freebsd.org
Received: from castle.dreaming.org (castle.dreaming.org [209.146.217.193]) by hub.freebsd.org (Postfix) with ESMTP id DF7C137B4CF; Thu, 16 Nov 2000 01:20:57 -0800 (PST)
Received: from cr592943a (cr592943-a.bloor1.on.wave.home.com [24.156.38.199]) by castle.dreaming.org (8.11.1/8.11.1) with SMTP id eAG9KjD47802; Thu, 16 Nov 2000 04:20:49 -0500 (EST) (envelope-from mit@mitayai.net)
From: "Will Mitayai Keeso Rowe"
To: "Rossen Raykov" ,
Cc:
Subject: RE: Shell acces with not specified shell in /etc/shells (Re: problem using sysinstall)
Date: Thu, 16 Nov 2000 04:21:34 -0500
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain; charset="windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
In-Reply-To: <010701c04f51$8d2659e0$4c00000a@sage>
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Does ssh check /etc/shells?

-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Rossen Raykov
Sent: Wednesday, November 15, 2000 5:15 PM
To: kris@FreeBSD.ORG
Cc: security@FreeBSD.ORG
Subject: Shell acces with not specified shell in /etc/shells (Re: problem using sysinstall)

Initially the /etc/shells file contains an empty line (between the comments and the first shell).
I thought that this is the reason why login is granted to a person without a shell in /etc/passwd.
But I was wrong!
I removed this line from /etc/shells and even after that I was able to gain a root command prompt after a valid password.
The shell is /bin/sh.

Doesn't this violate the idea of /etc/shells?

Regards,
Rossen

----- Original Message -----
From:
To:
Cc: ;
Sent: Wednesday, November 15, 2000 4:53 PM
Subject: Re: problem using sysinstall

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
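
Added example, not part of the original thread: a POSIX sh audit for the situation Rossen describes, listing accounts whose shell field is empty (reported with the /bin/sh fallback he observed) or names a shell that is missing from the shells file. The function names, the output format and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the shell field of a passwd-format file with
# the list of shells in a shells file.
# Usage: audit_shells [passwd_file] [shells_file]
# Output: one line per finding, "user<TAB>EMPTY|UNLISTED<TAB>shell"

audit_shells() {
    awk -F: -v shells="${2:-/etc/shells}" '
        BEGIN {
            # Load the listed shells, skipping blank lines and "#" comments
            while ((getline line < shells) > 0) {
                sub(/#.*/, "", line)
                gsub(/^[ \t]+|[ \t]+$/, "", line)
                if (line ~ /^\//) ok[line] = 1
            }
            close(shells)
        }
        # Ignore comments and malformed entries; the shell is the last
        # field in both passwd and master.passwd layouts
        /^#/ || NF < 7 { next }
        # Empty shell field: report it with the /bin/sh fallback
        # described in the message above
        $NF == ""    { print $1 "\tEMPTY\t/bin/sh"; next }
        # Shell set, but absent from the shells file
        !($NF in ok) { print $1 "\tUNLISTED\t" $NF }
    ' "${1:-/etc/passwd}"
}

# Run the audit against constructed sample files (not from a real system)
audit_demo() {
    dir=$(mktemp -d) || return 1
    # Constructed shells file: a comment, an empty line, then two shells
    printf '%s\n' '# List of acceptable shells' '' '/bin/sh' '/bin/csh' \
        > "$dir/shells"
    # Constructed passwd entries; alice has no shell set
    printf '%s\n' \
        'root:*:0:0:Charlie &:/root:/bin/csh' \
        'alice:*:1001:1001:Alice:/home/alice:' \
        'bob:*:1002:1002:Bob:/home/bob:/usr/local/bin/bash' \
        'carol:*:1003:1003:Carol:/home/carol:/bin/sh' > "$dir/passwd"
    audit_shells "$dir/passwd" "$dir/shells"
    rm -rf "$dir"
}

audit_demo
```

Called with no arguments, audit_shells reads /etc/passwd and /etc/shells; an empty result means every account names a listed shell.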