Bug#556522: hurd - using the login shell is insecure

To: Justus Winter <4winter@informatik.uni-hamburg.de>
Cc: 556522@bugs.debian.org
Subject: Bug#556522: hurd - using the login shell is insecure
From: Samuel Thibault <sthibault@debian.org>
Date: Wed, 12 Jan 2011 02:27:22 +0100
Message-id: <[🔎] 20110112012722.GG10535@const.famille.thibault.fr>
Reply-to: Samuel Thibault <sthibault@debian.org>, 556522@bugs.debian.org
In-reply-to: <[🔎] 20110112003935.582edaba@thinkbox.jade-hamburg.de>
References: <[🔎] 20110110003607.4f627c5c@thinkbox.jade-hamburg.de> <[🔎] 20110109235346.GU17895@const.famille.thibault.fr> <[🔎] 20110112003935.582edaba@thinkbox.jade-hamburg.de>

Justus Winter, le Wed 12 Jan 2011 00:39:35 +0100, a écrit :
> diff -r a95557dc73eb debian/postrm
> --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
> +++ b/debian/postrm	Tue Jan 11 23:38:12 2011 +0000
> @@ -0,0 +1,20 @@
> +#!/bin/sh
> +set -e
> +
> +if [ "$1" = purge ]; then
> +  remove-shell /bin/loginpr
> +  if ! deluser --quiet --system login > /dev/null; then
> +    echo "
> +Removing the user 'login' failed, most likely because the user is still
> +logged in. To remove the user and group terminate the session in question
> +and execute

Mmm, we're talking about the hurd package, right?  I doubt we should
take more care about purging it than what you propose, since it's a
required package :)

Samuel

Reply to:

References:
- Bug#556522: hurd - using the login shell is insecure
  - From: Justus Winter <4winter@informatik.uni-hamburg.de>
- Bug#556522: hurd - using the login shell is insecure
  - From: Samuel Thibault <sthibault@debian.org>
- Bug#556522: hurd - using the login shell is insecure
  - From: Justus Winter <4winter@informatik.uni-hamburg.de>

Prev by Date: Bug#556522: hurd - using the login shell is insecure
Next by Date: New debian-ports archive signing key (2011)
Previous by thread: Bug#556522: hurd - using the login shell is insecure
Next by thread: Bug#556522: hurd - using the login shell is insecure
Index(es):
- Date
- Thread