> On Aug 10, 2016, at 22:05, O. Hartmann <ohartman_at_zedat.fu-berlin.de> wrote: > > I just checked the security scanning outputs of FreeBSD and found this > surprising result: > > [...] > Checking for passwordless accounts: > polkitd::565:565::0:0:Polkit Daemon User:/var/empty:/usr/sbin/nologin > pulse::563:563::0:0:PulseAudio System User:/nonexistent:/usr/sbin/nologin > saned::194:194::0:0:SANE Scanner Daemon:/nonexistent:/bin/sh > clamav::106:106::0:0:Clamav Antivirus:/nonexistent:/usr/sbin/nologin > bacula::910:910::0:0:Bacula Daemon:/var/db/bacula:/usr/sbin/nologin > [...] > > Obviously, some ports install accounts but do not secure them as there is an > empty password. > > I consider this not a feature, but a bug. saned is the only one that might concern me because the login shell isn't nologin(1). Cheers, -NgieReceived on Thu Aug 11 2016 - 03:16:49 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:07 UTC