[Bug 456182] Review Request: rssh - Restricted shell for use with OpenSSH, allowing only scp and/or sftp



https://bugzilla.redhat.com/show_bug.cgi?id=456182





--- Comment #20 from Derek Martin <code@xxxxxxxxxxxxxx>  2008-10-28 16:27:49 EDT ---
(In reply to comment #19)

> Well, /etc/shells also has /sbin/nologin. Won't that cause some of the above
> problems too?

Indeed it would...  All of the above would apply to nologin as well, though in
some cases (e.g. the ftp server case and the sendmail .forward case) the exact
configuration of the system can come into play. 

I'm not really at liberty to test any of this at the moment, but I think the
chsh DoS example should be easy to reproduce...  If you can change your shell
to nologin, you can lock yourself out of the system (and so can an
opportunistic malicious user), requiring root intervention.

Bear in mind that the list of examples I provided is by no means exhaustive...


_______________________________________________
Fedora-package-review mailing list
Fedora-package-review@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-package-review
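
An added example, not part of the comment above or of the rssh package: a Python audit for the condition discussed in this thread, restricted shells such as nologin or rssh being listed in /etc/shells. The sample file contents are constructed, `false` in the restricted set is an assumption, and so is the premise that chsh lets an unprivileged user pick any shell listed in /etc/shells.

```python
import os

# Basenames treated as restricted. nologin and rssh come from the thread;
# "false" is an assumption added for illustration.
RESTRICTED = {"nologin", "rssh", "false"}

# Constructed sample files, not taken from a real host.
SAMPLE_SHELLS = """\
# /etc/shells: valid login shells
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/rssh
"""
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
backup:x:1001:1001::/home/backup:/usr/bin/rssh
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
svc:x:1002:1002::/srv/svc:/usr/local/bin/menu
"""

def parse_shells(text):
    """Return the paths listed in /etc/shells text, skipping comments and blanks."""
    lines = (line.split("#", 1)[0].strip() for line in text.splitlines())
    return [line for line in lines if line]

def audit(shells_text, passwd_text):
    """Flag restricted shells in /etc/shells and the accounts they affect."""
    listed = parse_shells(shells_text)
    flagged = [s for s in listed if os.path.basename(s) in RESTRICTED]
    can_self_lock, restricted_but_listed = [], []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7 or fields[2] == "0":
            continue  # skip malformed lines and uid 0 accounts
        user, shell = fields[0], fields[6]
        if shell in flagged:
            # Services that consult /etc/shells see this shell as valid.
            restricted_but_listed.append(user)
        elif shell in listed and flagged:
            # Assumption: chsh lets a non-root user pick any listed shell.
            can_self_lock.append(user)
    return {"flagged": flagged, "can_self_lock": can_self_lock,
            "restricted_but_listed": restricted_but_listed}

if __name__ == "__main__":
    for key, value in audit(SAMPLE_SHELLS, SAMPLE_PASSWD).items():
        print(f"{key}: {', '.join(value) or '-'}")
```

On a real host, pass the contents of /etc/shells and /etc/passwd to `audit()` instead of the constructed samples.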