On 2005-03-05 17:26:24 -0700 (Sat, Mar), Mike Melanson wrote: > Walter Dnes wrote: > > Am I compromised, or does Gentoo go around creating a bunch of users > >just for the hell of it? here's a bunch of users I don't understand > > No, this is all pretty standard. Plus, the fact that the shells are > all /bin/false makes it impossible to log in as those user and get an > interactive shell. For added peace of mind, check your /etc/shadow > directory, where the actual passwords are kept. The passwords fields are > '*' or '!' which are impossible to hash to using the password hashing > algorithm. That makes it doubly impossible to ever log in as those users.
Wouldn't some PAM magic skip over this? auth sufficient /lib/security/pam_localuser.so Hovewer, if an attacker can configure PAM, she does not need an entry in /etc/passwd ;-) Just my 2 euro.. -- $ ls -lart /bin/ls: you must be root to use LART
pgpMm1dpFF4ky.pgp
Description: PGP signature