Re: Securetty: limits root login while allowing 'su -'

2003-10-23 Thread Russell Coker
On Fri, 24 Oct 2003 10:50, Bernd Eckenfels wrote:
> In article <[EMAIL PROTECTED]> you wrote:
> > I discovered I could 'su -' to root in the excluded ttys. Do you think
> > this is normal behaviour or does my system need re-configuration ?
>
> This is the intended normal behaviour. Idea behind it

Re: Securetty: limits root login while allowing 'su -'

2003-10-23 Thread Bernd Eckenfels
In article <[EMAIL PROTECTED]> you wrote:
> I discovered I could 'su -' to root in the excluded ttys. Do you think
> this is normal behaviour or does my system need re-configuration ?

This is the intended normal behaviour. Idea behind it is to avoid random admins logging into the system as root s

Re: Securetty: limits root login while allowing 'su -'

2003-10-23 Thread Tom Goulet (UID0)
On Thu, Oct 23, 2003 at 10:13:16PM +, Ennio-Sr wrote:
> I limited root login to two ttys only (in /etc/securetty) but yesterday
> I discovered I could 'su -' to root in the excluded ttys. Do you think
> this is normal behaviour

Yes.

| [EMAIL PROTECTED]:/etc/pam.d# grep securetty *
| login:

Securetty: limits root login while allowing 'su -'

2003-10-23 Thread Ennio-Sr
Hi, everybody on the NG. This is my first post here and I hope it won't be the last one too :-) [Using Debian/Woody-3.0 on knl 2.2.22 on a home PC.] I limited root login to two ttys only (in /etc/securetty) but yesterday I discovered I could 'su -' to root in the excluded ttys. Do you think this

Re: Why not use /bin/noshell? (was Re: Why do system users have valid shells)

2003-10-23 Thread Javier Fernández-Sanguino Peña
On Thu, Oct 23, 2003 at 12:57:53PM +0100, Dale Amon wrote:
> If one isn't available, they are damn easy to write. I've
> probably got source laying around somewhere for one I wrote
> for NeXT's about a decade ago.

Well, Titan's noshell source code is available, I'm not sure if its license is DFS

Re: Why not use /bin/noshell? (was Re: Why do system users have valid shells)

2003-10-23 Thread Javier Fernández-Sanguino Peña
On Thu, Oct 23, 2003 at 10:35:26AM -0500, Micah Anderson wrote:
> Try the package "falselogin"
>

That's not what I was looking for. I was looking for something that logged connection attempts, which falselogin does not.

Regards

Javi

Re: Why not use /bin/noshell? (was Re: Why do system users have valid shells)

2003-10-23 Thread Micah Anderson
Try the package "falselogin"

micah

Javier Fernández-Sanguino Peña wrote on Thursday, 23 October 2003:
> On Wed, Oct 22, 2003 at 09:45:24AM +0200, Tobias Reckhard wrote:
> > Hi
> >
> > We recently noticed that a stock woody install produces an /etc/passwd
> > in which most, if not all, s

Squid package containing buffer overrun ??

2003-10-23 Thread enyc
I'm just sending this out as a 'request for comment' really -- I notice debian-stable has a package for squid which (besides being security-updated already) still has a known buffer overflow in it (although it is apparently of 'unknown risk'). See: http://www.squid-cache.org/Versions/v2/2.4/bug

Re: Why not use /bin/noshell? (was Re: Why do system users have valid shells)

2003-10-23 Thread Dale Amon
On Thu, Oct 23, 2003 at 12:52:19PM +0200, Javier Fernández-Sanguino Peña wrote:
> I have meant to ask this question for some time too. Specially since some
> distributions (such as RedHat) provide system users with a /bin/noshell
> shell. I'm not sure if this is the same shell as the one provided

Why not use /bin/noshell? (was Re: Why do system users have valid shells)

2003-10-23 Thread Javier Fernández-Sanguino Peña
On Wed, Oct 22, 2003 at 09:45:24AM +0200, Tobias Reckhard wrote:
> Hi
>
> We recently noticed that a stock woody install produces an /etc/passwd
> in which most, if not all, system users have a valid shell entry of
> /bin/sh. They're all unable to login due to having no valid password,
> but be
