[Prev][Next][Index][Thread]
Re: XDMCP security?
On Mon, 23 Sep 1996, Dr Andrey Tsouladze wrote:
> When you `take away' a user shell, most probably you do it by
> assigning /dev/null which is not a valid shell. However, there is a
> special shell for just these purposes. It is /bin/false. This shell
> allows a user to log in, writes information about user's mail, and
> exits.
>
> I suspect freeware Win95 you are talking about can somehow overcome
> invalid shell but will honor a valid one.
options are putting /dev/null, nothing or /bin/false, but all produced the
same resaults!
xdm runs .Xsession anyway, and fvwm will lwt you open an Xterm with a
non-default (i.e. any) shell you need.
> > > A user has the privilege to rename a root owned file or directory
> > > inside a directory (the home directory here) that she owns.
> >
> > not if root chmods is 000
>
> As long as a directory is owned by a user, he can delete any file
> there, that is, if he can log in :-)
oops... my mistake. he owns the directory :-)
-------------------------------------------------------------
Ira Abramov <ira@scso.com> Scalable Solutions
SITE Web Presence ("webspace for rent") http://www.site.co.il
Beeper 48484 at 03-610-6666, 02-6294-666 FAX (972)2-643-0471
POBox 3600, Jerusalem 91035, Israel Tel (972)2-642-6822
http://www.scso.com/~ira Check out: http://www.linux.org.il
References: