Yoann <[EMAIL PROTECTED]> writes:

> there is an * in /etc/shadow for nobody, but all services (ftp, web...)
> are running with the uid nobody so if there is an attack on an unknow
> bug (I keep up to date all services) on those services (buffer overflow
> for example),  It's will be unsercure.. .

It will be unsecure even if the shell field is filled with garbage...

1) The buffer overflow kind of attack is to launch a program from
within another, a shell for example.

2) The shell shield (more easy to write than to tell) is used by:

- /bin/login to launch a shell, or a pppd in some case
- /*/ftpd to allow (/bin/true) or disallow (/bin/false) ftp access
- probably lot of others programs.

HTH.

-- 
Reality always seems harsher in the early morning.
-- 
François TOURDE - tourde.org - 23 rue Bernard GANTE - 93250 VILLEMOMBLE
Tél: 01 49 35 96 69 - Mob: 06 81 01 81 80
eMail: mailto:[EMAIL PROTECTED] - URL: http://francois.tourde.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to