FS#19796 : [fetchmail] Shell should be /bin/false, not /bin/bash

FS#19796 - [fetchmail] Shell should be /bin/false, not /bin/bash

Attached to Project: Arch Linux
Opened by Andres P (llanero) - Monday, 14 June 2010, 23:19 GMT
Last edited by Eric Belanger (Snowman) - Tuesday, 08 February 2011, 21:03 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	Aaron Griffin (phrakture)
Architecture	All
Severity	High
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	3 Kaiting Chen (kaitocracy) (2010-08-26) Daniel Micay (thestinger) (2010-08-24) Leonid Isaev (lisaev) (2010-08-07)
Private	No

Details

Package version:
6.3.17-1

Description:
Whoever wrote the rc.d script thought that overriding the default shell with su isn't possible.

The idea is that only root can use /bin/sh to call the daemon, but login into the account by users should fail...

Not having /bin/false is a security risk and inconsistent with the rest of the daemon accounts.

fetchmail-noshell.diff (1.2 KiB)

This task depends upon

Closed by Eric Belanger (Snowman)
Tuesday, 08 February 2011, 21:03 GMT
Reason for closing: Fixed
Additional comments about closing: fetchmail-6.3.19-1

Comment by Eric Belanger (Snowman) - Monday, 13 December 2010, 01:35 GMT

Should be fixed in fetchmail-6.3.19-1 in testing. Please test and report any success/problems.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#19796 - [fetchmail] Shell should be /bin/false, not /bin/bash

Details

Loading...