Bug#366546: exim4-daemon-heavy: Use /bin/nologin instead of
/bin/false in /etc/passwd
Marc Haber
mh+debian-packages at zugschlus.de
Sat May 13 14:30:53 UTC 2006
tags #366546 - security
thanks
This does not need to be on the security team's radar.
On Tue, May 09, 2006 at 06:43:19PM +0300, Jari Aalto wrote:
> file /etc/passwd reads:
>
> Debian-exim:x:102:102::/var/spool/exim4:/bin/false
>
> SUGGESTION
>
> The new login package includes binary /bin/nologin which behaves the
> as /bin/false, but helps with security auditions by leaving a trace
> of login attempt to syslog.
>
> Please chenge to use 'nologin' in place of 'false'
exim relies on adduser's default value, which still is /bin/false.
Additionally, I do not see the necessity of having transition code in
the maintainer scripts which might introduce additional breakage.
I'll need to think about this issue for a while.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
More information about the Pkg-exim4-maintainers
mailing list