passwd

2025-04-14

I am working on a writeup for the installation of DCC + Spamassassin onto a Slackware Linux system @ http://slackware.hostinghacks.net/spamassassin/ and I have encountered the following situation that I think warrents further investigation.

--> During the installation of DCC (Distributed Checksum Clearinghouse) it is apparently necessary to change the line containing the "bin" user in /etc/passwd so that it contains the

following information:

Code:

bin:x:1:1:bin:/bin:/bin/sh

For comparison, on a default RedHat 9 installation this line contains:

Code:

bin:x:1:1:bin:/bin:/sbin/nologin

and on a Slackware 10 installation it looks like this:

Code:

bin:x:1:1:bin:/bin:

I have some reservations about actually making this modification because of the possibility security repercussions. So I was wondering if someone would be able to help me assess the threat level of making this type of change?

Are we talking "code yellow " or "code orange " here?