[3011] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

? Trojan /usr/bin/false ?

daemon@ATHENA.MIT.EDU (Jeremy Brinkley)
Thu Jul 25 18:58:04 1996

Date: 	Thu, 25 Jul 1996 15:14:18 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Jeremy Brinkley <pbjeremy@idiom.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>

Replacing the default shell with /usr/bin/false (or /bin/false or
whatever) is a common simple security reccommendation.  Has anyone heard
of somebody replacing /usr/bin/false with a Trojan version to gain access
to the non-account accounts (adm, lp, bin, etc...)?

--
/------------------------|------------------------\
| Jeremy Brinkley        | Peninsula Blood Bank   |
| I.S. Assistant         | 1791 El Camino Real    |
| pbjeremy@idiom.com     | Burlingame, CA  94010  |
| (415) 697 5164         | FAX (415) 697 4332     |
\------------------------|------------------------/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3011] in bugtraq

? Trojan /usr/bin/false ?

daemon@ATHENA.MIT.EDU (Jeremy Brinkley)Thu Jul 25 18:58:04 1996

daemon@ATHENA.MIT.EDU (Jeremy Brinkley)
Thu Jul 25 18:58:04 1996