Date: Thu, 16 Nov 2000 11:24:48 -0500 From: "Rossen Raykov" <rraykov@sageian.com> To: <security@FreeBSD.ORG> Subject: Re: Shell acces with not specified shell in /etc/shells Message-ID: <00a001c04fe9$bd403590$4c00000a@sage> References: <NEBBIEGPMLMKDBMMICFNIEDLDIAA.mit@mitayai.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is not ssh related. It is login related. And the correct question have to be: Is it normal to receive /bin/sh for a login shell if the user account doesn't contain any shell in /etc/passwd? ----- Original Message ----- From: <mit@mitayai.net> To: <rraykov@sageian.com>; <kris@FreeBSD.ORG> Cc: <security@FreeBSD.ORG> Sent: Thursday, November 16, 2000 4:21 AM Subject: RE: Shell acces with not specified shell in /etc/shells (Re: problem using sysinstall) > does ssh check /etc/shells ? > > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Rossen Raykov > Sent: Wednesday, November 15, 2000 5:15 PM > To: kris@FreeBSD.ORG > Cc: security@FreeBSD.ORG > Subject: Shell acces with not specified shell in /etc/shells (Re: problem > using sysinstall) > > > Initially the /etc/shells file contains an empty line (between the comments > and the first shell). > I tough that this is the reason why login is granted on a person without > shell in /etc/passwd. > But I ware wrong! > I removed this line from /etc/shells and even after that I was able to gain > root command prompt after a valid password. > The shell is /bin/sh > > Don't this violate the idea of /etc/shells? > > Regards, > Rossen > > ----- Original Message ----- > From: <kris@FreeBSD.ORG> > To: <rraykov@sageian.com> > Cc: <kris@FreeBSD.ORG>; <security@FreeBSD.ORG> > Sent: Wednesday, November 15, 2000 4:53 PM > Subject: Re: problem using sysinstall > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00a001c04fe9$bd403590$4c00000a>