tags #366546 - security thanks This does not need to be on the security team's radar.
On Tue, May 09, 2006 at 06:43:19PM +0300, Jari Aalto wrote: > file /etc/passwd reads: > > Debian-exim:x:102:102::/var/spool/exim4:/bin/false > > SUGGESTION > > The new login package includes binary /bin/nologin which behaves the > as /bin/false, but helps with security auditions by leaving a trace > of login attempt to syslog. > > Please chenge to use 'nologin' in place of 'false' exim relies on adduser's default value, which still is /bin/false. Additionally, I do not see the necessity of having transition code in the maintainer scripts which might introduce additional breakage. I'll need to think about this issue for a while. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
