+--On 11 août 2016 07:05:05 +0200 "O. Hartmann" <ohart...@zedat.fu-berlin.de> wrote: | I just checked the security scanning outputs of FreeBSD and found this | surprising result: | | [...] | Checking for passwordless accounts: | polkitd::565:565::0:0:Polkit Daemon User:/var/empty:/usr/sbin/nologin | pulse::563:563::0:0:PulseAudio System User:/nonexistent:/usr/sbin/nologin | saned::194:194::0:0:SANE Scanner Daemon:/nonexistent:/bin/sh | clamav::106:106::0:0:Clamav Antivirus:/nonexistent:/usr/sbin/nologin | bacula::910:910::0:0:Bacula Daemon:/var/db/bacula:/usr/sbin/nologin | [...] | | Obviously, some ports install accounts but do not secure them as there is | an empty password. | | I consider this not a feature, but a bug.
Mmmm, I rewrote the user/group creation thingie a few months back, a bug may have crept in, I'll have a look at it today. -- Mathieu Arnold
pgpOEa0qSpvfQ.pgp
Description: PGP signature
