Re: Why do system users have valid shells

To: <debian-security@lists.debian.org>
Subject: Re: Why do system users have valid shells
From: "Joe Moore" <joemoore@iegrec.org>
Date: Fri, 24 Oct 2003 12:07:49 -0400 (EDT)
Message-id: <[🔎] 20373.146.122.45.164.1067011669.squirrel@www.iegrec.org>
In-reply-to: <[🔎] 200310231158.15033.russell@coker.com.au>
References: <[🔎] 200310231158.15033.russell@coker.com.au>

Russell Coker said:
> On Thu, 23 Oct 2003 04:02, Joe Moore wrote:
>> I guess what I'm saying is that there are just as many ways to get
>> access to UID2 with "bin:x:2:2:bin:/bin:/bin/false" in the
>> /etc/passwd.  As there are with "bin:x:2:2:bin:/bin:/bin/sh".

(And bin:*: in /etc/shadow.  I left that out, but it was apparently assumed.)

>
> Name some examples.

0=0, in the case of non-buggy authentication code.

0=0, in the case of all known bugs in current code.

Who knows about the other cases?

--Joe

Reply to:

References:
- Re: Why do system users have valid shells
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: Why do system users have valid shells
Next by Date: Re: Why do system users have valid shells
Previous by thread: Re: Why do system users have valid shells
Next by thread: Re: Why do system users have valid shells
Index(es):
- Date
- Thread