+--On 11 août 2016 07:05:05 +0200 "O. Hartmann" <ohartman_at_zedat.fu-berlin.de> wrote: | I just checked the security scanning outputs of FreeBSD and found this | surprising result: | | [...] | Checking for passwordless accounts: | polkitd::565:565::0:0:Polkit Daemon User:/var/empty:/usr/sbin/nologin | pulse::563:563::0:0:PulseAudio System User:/nonexistent:/usr/sbin/nologin | saned::194:194::0:0:SANE Scanner Daemon:/nonexistent:/bin/sh | clamav::106:106::0:0:Clamav Antivirus:/nonexistent:/usr/sbin/nologin | bacula::910:910::0:0:Bacula Daemon:/var/db/bacula:/usr/sbin/nologin | [...] | | Obviously, some ports install accounts but do not secure them as there is | an empty password. | | I consider this not a feature, but a bug. Mmmm, I rewrote the user/group creation thingie a few months back, a bug may have crept in, I'll have a look at it today. -- Mathieu Arnold
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:07 UTC