[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SHELL=/bin/false but user can still log in



Dirk,

The cleanest way of disabling services you don't want is with the
chkconfig command. Zapping /etc/init.d/nscd is a poor solution because the
file may be reinstalled if you upgrade.

Bob

 On Wed, 29 Oct 2003, Dirk Schreiner wrote:

> Hi,
>
> deactivate that f$)%§)$g NSCD.
>
> Better do a cat /dev/null > /etc/init.d/nscd
> as yast in some obscure cases automatically
> activates NSCD (insserv), and I never found
> a config Option to block this reactivation.
> (Often after SW-Installation. rpm-Scripts?)
> Maybe one of the SuSE-Guys can help with this.
>
>
> And then man NSCD.
>
>
> Dirk
>
>
> Hollweg, Daniel schrieb:
> > Hi List,
> >
> > I have an problem with my SuSe 8.2 installation with all current security patches applied.
> > If I enter /bin/false as login shell in the /etc/passwd the user can still login and gets shell
> > access. After rebooting the system the shell entry in the /etc/passwd is processed correct
> > and  a login attempt is closed as you would expect. Other entries like home dir in the passwd
> > are parsed correct.
> >
> > Any ideas?
> >
> > Thanks and regards
> > Daniel
> >
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>

==============================================================
Bob Vickers                     R.Vickers@xxxxxxxxxxxxx
Dept of Computer Science, Royal Holloway, University of London
WWW:    http://www.cs.rhul.ac.uk/home/bobv
Phone:  +44 1784 443691

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here