Re: noboby with a shell !!
Yoann <debian-yoann@ifrance.com> writes:
> there is an * in /etc/shadow for nobody, but all services (ftp, web...)
> are running with the uid nobody so if there is an attack on an unknow
> bug (I keep up to date all services) on those services (buffer overflow
> for example), It's will be unsercure.. .
It will be unsecure even if the shell field is filled with garbage...
1) The buffer overflow kind of attack is to launch a program from
within another, a shell for example.
2) The shell shield (more easy to write than to tell) is used by:
- /bin/login to launch a shell, or a pppd in some case
- /*/ftpd to allow (/bin/true) or disallow (/bin/false) ftp access
- probably lot of others programs.
HTH.
--
Reality always seems harsher in the early morning.
--
François TOURDE - tourde.org - 23 rue Bernard GANTE - 93250 VILLEMOMBLE
Tél: 01 49 35 96 69 - Mob: 06 81 01 81 80
eMail: mailto:francois@tourde.org - URL: http://francois.tourde.org/
Reply to: