Your Distro is Insecure: Ubuntu
albertosierra at aesetres.com
Tue Apr 14 18:54:34 UTC 2009
Excuse my ignorance, but what is then the idea behind the users with
interactive shell instead of a /bin/false or similar?
> > On Tue, Apr 14, 2009 at 06:09:39PM +0200, Ante Karamati?? wrote:
> > > Next are users with /bin/bash. If those users would have /bin/false,
> > > they won't be able to run jobs from cron.
> > The idea that setting a shell makes a service user vulnerable to
> > exploitation is ridiculous. If a service were exploited, the attacker
> > would have arbitrary code control, and could spawn whatever program they
> > wanted, regardless of the configured shell.
> That's correct. Anyway, my claim that a user wouldn't be able to use
> cron if it has /bin/false shell, is wrong.
Alberto Sierra Reales [aesetres]
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-server