Bugtraq mailing list archives
Re: ? Trojan /usr/bin/false ?
From: Bernd.Lehle () RUS Uni-Stuttgart DE (Bernd Lehle)
Date: Tue, 13 Aug 1996 11:27:05 +0200
Replacing the default shell with /usr/bin/false (or /bin/false or whatever) is a common simple security reccommendation. Has anyone heard of somebody replacing /usr/bin/false with a Trojan version to gain access to the non-account accounts (adm, lp, bin, etc...)?
I have never heard that. But talking about true/false as login shells: On IRIX (at least 5.3) /bin/true and /bin/false are shell scripts, starting with #!/sbin/sh and containing nothing but "exit 0" or "exit 255". (Besides some silly Copyright and Version Information from AT&T). Is there a possibility that through obscure circumstances a user having /bin/false or /bin/true as a login shell ends up with /sbin/sh ? --
Bernd Lehle - Stuttgart University Computer Center * A supercomputer < Visualization / Security / Astrophysics * is a machine < lehle () rus uni-stuttgart de Tel:+49-711-685-5531 * that runs an < http://www.tat.physik.uni-tuebingen.de/~lehle * endless loop < pgp? -> finger bernd () visbl rus uni-stuttgart de * in 2 seconds <
Current thread:
- Re: ? Trojan /usr/bin/false ? Bernd Lehle (Aug 13)
- Re: ? Trojan /usr/bin/false ? Alan Cox (Aug 13)