Re: User?s and Shells

From: Philipp Schulte (pschulte@uni-duisburg.de)
Date: 12/19/02

  • Next message: Christian Hammers: "Re: User?s and Shells"
    Date: Thu, 19 Dec 2002 21:04:06 +0100
    From: Philipp Schulte <pschulte@uni-duisburg.de>
    To: "'focus-linux@securityfocus.com'" <focus-linux@securityfocus.com>
    
    

    OTERO Hernan Gustavo EDS wrote:

    > Looking in the /etc/passwd in my RH 8.0 instalation, the users
    >
    > news:x:9:13:news:/etc/news:
    > rpm:x:37:37::/var/lib/rpm:/bin/bash
    >
    > has shell. Why this users need shell?

    I don't know why RH does this. But having a valid shell in /etc/passwd
    is not sufficent for an attacker. The account also must have a valid
    password in /etc/shadow (or wherever your OS keeps them). Usually the
    role-accounts look somewhat like this:

    bin:*:9797:0:::::
    ftp:*:9797:0:::::
    daemon:*:9797:0:::::
    adm:*:9797:0:::::

    The "*" or some other symbol like "!" means, that this is not a valid
    password and so nobody can enter a correct password for this account.
    Phil



    Relevant Pages

    • Re: should i lock system accounts
      ... replace *what* with a valid shell? ... replacing a file with a shell if they could just alter the ... "Accounts that are not being used by regular users should be locked. ... the password field for the account be set to an invalid string (which ...
      (comp.unix.solaris)
    • RE: SSH mail server experiments
      ... By default I believe most FTP daemons will not allow a user to login without ... A valid shell is a shell that is listed in the file ... People should be able to just SSH into my server and instead of a shell, ...
      (Security-Basics)
    • Re: should i lock system accounts
      ... replace *what* with a valid shell? ... replacing a file with a shell if they could just alter the ... "Accounts that are not being used by regular users should be locked. ... the password field for the account be set to an invalid string (which ...
      (comp.unix.solaris)
    • Re: using ssh to run remote commands?
      ... I've been using my simplified shell for theese reasons. ... security issue can be easily resolved by AllowExec parameter in sshd.conf. ... > shell, so unless you patch it, you _must_ give the user a valid shell. ... > command. ...
      (FreeBSD-Security)
    • Re: Crash upon accessing View menu in Windows Explorer
      ... if the same thing happens with another admin account it may ... > 1) The problem occurs not just in Windows Explorer and My Computer, etc., ... > 4) I checked which Shell Extensions (using the Shell Viewer program you ... > similar Shell Extension called $Address, ...
      (microsoft.public.windowsxp.general)