Re: [Full-Disclosure] Vulnerability in sourceforge.net

• Previous message: Todd Towles: "RE: [Full-Disclosure] Vulnerability in sourceforge.net"
• In reply to: Todd Towles: "RE: [Full-Disclosure] Vulnerability in sourceforge.net"
• Next in thread: steve menard: "Re: [Full-Disclosure] Vulnerability in sourceforge.net"
• Reply: steve menard: "Re: [Full-Disclosure] Vulnerability in sourceforge.net"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Fri, 23 Jul 2004 00:50:49 +0200

nobody:*:32767:32767:Unprivileged user:/nonexistent:/sbin/nologin

Todd Towles wrote:
> Does OpenBSD do that?
>
> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Gregory A.
> Gilliss
> Sent: Thursday, July 22, 2004 3:31 PM
> To: full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] Vulnerability in sourceforge.net
>
> Really...FreeBSD comes with user nobody set to /sbin/nologin out of the
> box. Maybe they should have chosen a better host OS?
>
> G
>
> On or about 2004.07.22 07:49:53 +0000, Todd Towles
> (toddtowles@brookshires.com) said:
>
>
>>Sounds like they should have configured that page a bit different...made
>
> it
>
>>run under a little less access...or said I say..it is a mis-configuration.
>>=)
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Todd Towles: "RE: [Full-Disclosure] Vulnerability in sourceforge.net"
• In reply to: Todd Towles: "RE: [Full-Disclosure] Vulnerability in sourceforge.net"
• Next in thread: steve menard: "Re: [Full-Disclosure] Vulnerability in sourceforge.net"
• Reply: steve menard: "Re: [Full-Disclosure] Vulnerability in sourceforge.net"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: [Full-Disclosure] Vulnerability in sourceforge.net ... On Thu, 22 Jul 2004, Gregory A. Gilliss wrote: ... I really do not see the connection to ... What on earth does the host OS have to do with this? ... (Full-Disclosure) Re: [Full-Disclosure] Vulnerability in sourceforge.net ... On Thu, 22 Jul 2004, Gregory A. Gilliss wrote: ... Maybe they should have chosen a better host OS? ... Charter: http://lists.netsys.com/full-disclosure-charter.html ... (Full-Disclosure) Re: OpenBSD vs. Linux ... > cover secure web server setup and maintenance, installation of ... > OpenBSD, and a host of other features about OpenBSD. ... (comp.unix.bsd.openbsd.misc) Re: how to know who failed to connect to sshd? ... > msg without the client's host address: ... OpenBSD does not use PAM. ... (comp.unix.bsd.openbsd.misc)