[svlug] Ubuntu 9.04 upgrade]

Greg Lindahl lindahl at pbm.com
Sat May 2 16:49:23 PDT 2009


On Sat, May 02, 2009 at 04:35:25PM -0700, James Sparenberg wrote:

> Right now, *buntu has opened an exploitable door

That would be the case if these accounts had passwords or ssh
authorized keys -- do they? Normally they don't. So nologin is not
the only part of the defense.

This discussion is quite relevant to pop logins without shells, though.

-- greg








More information about the svlug mailing list