Bug#556522: hurd - using the login shell is insecure

To: 556522@bugs.debian.org
Subject: Bug#556522: hurd - using the login shell is insecure
From: Samuel Thibault <sthibault@debian.org>
Date: Mon, 16 Nov 2009 17:14:22 +0100
Message-id: <[🔎] 20091116161422.GN354@const.bordeaux.inria.fr>
Reply-to: Samuel Thibault <sthibault@debian.org>, 556522@bugs.debian.org
In-reply-to: <[🔎] 20091116142745.GA5364@wavehammer.waldi.eu.org>
References: <[🔎] 20091116142745.GA5364@wavehammer.waldi.eu.org>

Bastian Blank, le Mon 16 Nov 2009 15:27:45 +0100, a écrit :
> Hurd uses a login shell by default on the ttys. This is a security
> problem as it allows access with other permissions to all ressources.

Note: to do so we simply need to create a login account with default
shell set to /bin/loginpr and home set to /etc/login.

Samuel

Reply to:

References:
- Bug#556522: hurd - using the login shell is insecure
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Bug#556526: hurd - FHS violation: /libexec
Next by Date: Bug#556550: hurd - should support Unix98 ptys
Previous by thread: Bug#556522: hurd - using the login shell is insecure
Next by thread: Bug#556522: hurd - using the login shell is insecure
Index(es):
- Date
- Thread