* Guillem Jover [2011-04-05 06:19 +0200]:
> On Tue, 2011-04-05 at 01:08:19 +0100, Ben Hutchings wrote:
> > This appears to open up any accounts that have been deliberately
> > disabled by setting their shell to a nonexistent path. I know that's a
> > dumb way to disable an account, but that doesn't make this any less of a
> > security hole.
> >
> > How about checking for the configured shell in /etc/shells before
> > enabling the fallback?
>
> Ah good catch! Done with the attached patch.
mksh.prerm contains:
remove|upgrade|deconfigure)
update-alternatives --remove ksh /bin/mksh
update-alternatives --remove ksh /bin/mksh-static
remove-shell /bin/mksh
remove-shell /bin/mksh-static
bash.postrm contains:
remove|purge|disappear)
if which remove-shell >/dev/null && [ -f /etc/shells ]; then
remove-shell /bin/bash
remove-shell /bin/rbash
fi
... so they are missing from /etc/shells after they have been removed.
Alternatives include a hardcoded list instead of relying on /etc/shells
or an additional file that contains all shells that were ever part of
/etc/shells. prerm could also fail it the shell is set as root's (or
any, otherwise setups using sudo instead of root might break) login
shell.
Carsten
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110405090235.gb10...@furrball.stateful.de
