[wplug] Breakin attempts against the nobody account
John Harrold
jmh17 at pitt.edu
Mon Mar 28 10:21:21 EST 2005
Sometime in March Bill Moran assaulted the keyboard and produced:
| My question is: Are there systems out there with an unsecured "nobody"
| account by default? Or are there installation profiles that enable the
| "nobody" account?
On occasion I've been know to give nobody a shell. The reason that I do
this is that sometimes I run into permission problems (webserver not being
able to read files). The easiest way to check such things is to become the
web user and see if I can read the files. On Redhat this used to be nobody;
on the Debian it's www-data (at least it is for now). Now when I do this, I
set the nobody password to something nontrivial and I change the shell to
/bin/false when I'm done.
| I'm just curious, since I'm not familiar with any way this would ever
| work.
Perhaps other flavors of unix have this enabled by default?
--
----------------------------------------------------------
| /"\
john harrold | \ / ASCII ribbon campaign
jmh at member.fsf.org | X against HTML mail
the most useful idiot | / \
----------------------------------------------------------
What difference does it make to the dead, the orphans,
and the homeless, whether the mad destruction is brought
under the name of totalitarianism or the holy name of
liberty and democracy?
--Gandhi
----------------------------------------------------------
gpg --keyserver pgp.mit.edu --recv-key B23241CB
----------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://penguin.wplug.org/pipermail/wplug/attachments/20050328/41167ad1/attachment.bin
More information about the wplug
mailing list