I just found out that my Ubuntu Server 6.10 has login shells set for almost all users in /etc/passwd!
That is a very bad idea, because it may be what allowed someone to install the "Data Cha0s Back Backdoor" on my machine 🙁
I checked this on two other fresh Ubuntu Server 6.10 installations and both had login shells for system users like daemon, mail, www-data and so on. www-data in particular should not be able to get a shell, in my opinion!
So I changed the shell of those system accounts from /bin/sh to /usr/sbin/nologin in /etc/passwd and hope this makes things a bit more secure. Keep in mind that the shell field only matters when something actually logs in or switches to that account (login, su, ssh); a backdoor dropped through a web application still runs as www-data inside the web server's own processes, where the login shell is never consulted. So this is useful hardening, but it does not close the hole the web application opened.
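To make the audit repeatable rather than eyeballing /etc/passwd, here is a small POSIX shell script that flags system accounts still carrying an interactive shell and prints the usermod(8) commands that would switch them to /usr/sbin/nologin. This is an added example, not code from the original post; the embedded passwd file is constructed to mirror the 6.10 defaults described above (daemon, mail, www-data and nobody on /bin/sh), and the UID cut-offs (system accounts below 1000, plus 65534 for nobody) follow the Debian/Ubuntu convention.

```shell
#!/bin/sh
# Audit a passwd(5) file for system accounts with an interactive login shell.
# Added example for this post; the sample passwd content below is constructed,
# not copied from a real machine.

# Print "name:uid:shell" for every system account (UID < 1000 or the
# 65534 "nobody" UID, never root) whose shell is not a nologin-style shell.
# Anything listed here is worth reviewing, including special-purpose shells.
audit_shells() {
    awk -F: '
        $3 != 0 && ($3 < 1000 || $3 == 65534) &&
        $7 != "/usr/sbin/nologin" && $7 != "/sbin/nologin" && $7 != "/bin/false" {
            print $1 ":" $3 ":" $7
        }' "$1"
}

# Turn the audit output into usermod(8) commands. Review them before running
# them as root; do not blindly pipe the output into sh.
fix_commands() {
    audit_shells "$1" | awk -F: '{ print "usermod -s /usr/sbin/nologin " $1 }'
}

# Constructed sample passwd file mirroring a stock Ubuntu 6.10 layout:
# system accounts on /bin/sh, sshd already on nologin, one normal user.
SAMPLE_PASSWD=$(mktemp)
cat > "$SAMPLE_PASSWD" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
sshd:x:100:65534::/var/run/sshd:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF

echo "System accounts with an interactive shell:"
audit_shells "$SAMPLE_PASSWD"
echo
echo "Suggested fixes:"
fix_commands "$SAMPLE_PASSWD"
```

On a live box you would call `audit_shells /etc/passwd` instead of the sample file. Accounts that need a real shell for cron jobs or package maintainer scripts (for example when a daemon's init script uses `su`) will show up here too, so check what each flagged account is used for before applying the usermod lines.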