[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: System users and valid shells...

On Mon, May 08, 2006 at 10:00:42AM +0100, Thiemo Seufer wrote:

> > You can surely explain why /bin/nologin is more secure than
> > /bin/false. I'm eager to learn.
> 
> I am curious why any of both would be more secure than /dev/null, a
> place which makes it hard to smuggle an infected binary into.

If the attacker has enough privileges to replace /bin/nologin or
/bin/false, then I fail to see what extra protection would /dev/null
give.

Also, applications expecting an executable binary as the login shell may
break when they find a device node there. And if the breakage is
exploitable, then using /dev/null may turn out to be less secure than
using /bin/bash.

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------
Reply to: