Subject: Re: CVS commit: src
To: Jonathan Stone <jonathan@dsg.stanford.edu>
From: None <seebs@plethora.net>
List: current-users
Date: 03/16/1999 18:13:55
In message <199903162358.PAA06908@Cup.DSG.Stanford.EDU>, Jonathan Stone writes:
>The obvious technical question is whether to filter out just
> ^toor:*:
>or try and filter out all login accounts with disabled passwd fields.
There are other ways to get access to an account.
-r-sr-xr-x 1 toor bin 148852 Nov 13 12:50 /usr/home/foo/bin/sh
Not sure the system is smart enough to spot something like that. Certainly
easy to get buried.
>Comments? Do we Really Need a /bin/sh superuser login until this gets
>resolved, even with the warnings from /etc/security?
I don't think so. I prefer sh, but it's not goiong to break me to have to
type it in.
-s