Date: Thu, 11 Aug 2016 11:26:58 +0200 From: Mathieu Arnold <mat@FreeBSD.org> To: "O. Hartmann" <ohartman@zedat.fu-berlin.de>, freebsd-current <freebsd-current@freebsd.org>, freebsd-ports <freebsd-ports@freebsd.org> Subject: Re: Passwordless accounts vi ports! Message-ID: <660CDD44B902B2A0C050ACDD@atuin.in.mat.cc> In-Reply-To: <20160811070505.2c1a1466@freyja.zeit4.iv.bundesimmobilien.de> References: <20160811070505.2c1a1466@freyja.zeit4.iv.bundesimmobilien.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--==========B6449D206AE5EBE03813========== Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline +--On 11 ao=C3=BBt 2016 07:05:05 +0200 "O. Hartmann" <ohartman@zedat.fu-berlin.de> wrote: | I just checked the security scanning outputs of FreeBSD and found this | surprising result: |=20 | [...] | Checking for passwordless accounts: | polkitd::565:565::0:0:Polkit Daemon User:/var/empty:/usr/sbin/nologin | pulse::563:563::0:0:PulseAudio System User:/nonexistent:/usr/sbin/nologin | saned::194:194::0:0:SANE Scanner Daemon:/nonexistent:/bin/sh | clamav::106:106::0:0:Clamav Antivirus:/nonexistent:/usr/sbin/nologin | bacula::910:910::0:0:Bacula Daemon:/var/db/bacula:/usr/sbin/nologin | [...] |=20 | Obviously, some ports install accounts but do not secure them as there is | an empty password. |=20 | I consider this not a feature, but a bug. Mmmm, I rewrote the user/group creation thingie a few months back, a bug may have crept in, I'll have a look at it today. --=20 Mathieu Arnold --==========B6449D206AE5EBE03813========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXrETiXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzQUI2OTc4OUQyRUQxMjEwNjQ0MEJBNUIz QTQ1MTZGMzUxODNDRTQ4AAoJEDpFFvNRg85IOb0P/1S5U8VdyHHUg/Rr2k5VUwzN dJTwtf1KGz7eOYnLwLNlXtOn8F853u51ujtleiPvPs5auyN8Rcb4ahVMvziYVxMs KsQTtQQUai2tAX+36G8sBK0MuVCCaA8zIdJ/KiuN/F0mGwmxs/Hq6W2gncLHy/r1 vNfqQ3RAHkbBQtiziwoaEv8ovHekRpjYWoqIaBhF/NeKkZdyPuNlGylNt8Gy0OHS 8aoVET+yS7BKn85Y4RHlDGskZrcC3bdF3x2z7ZlsaFHRw/OMMHyJeZDNxBchLCTA ApBiUErc9r2xCjkZHaqqh9S7RcjIG7kf5/zRU7DMhn5oh1NJR6RAoGBwte5oifO5 s/d5dsTn72U6ItXJb1ZxMNRVh/aBT14WjT3OKVMc+hzx2L/on84sNLQu8QTFbu0R p8VaiiVFJpwADYyvcflMPhn5Iipn5ASx7kPgyJk/NS5tFfyEeYkgYYfuxH97q6Cm sIhEzUxmjLDZkbkrT1i75Z/CHq4Un20YglFCkkLlf/i+HKoZomlsrg97ozRxRCkm BwUUG5geL1UDV+BonJ+YMsAS5stMF1sotPd4opabpbl8ciIB2AHqDWNKK/O3RYjZ yyV448XWVfiiMTpGuJxec5M8HsrV6JYdXGrpjgW5UuwsF47/GDvRUmyWnBpdVR/E V7rWkFJC4adnTnUChuiI =IYcA -----END PGP SIGNATURE----- --==========B6449D206AE5EBE03813==========--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?660CDD44B902B2A0C050ACDD>