lastlog: Another brief lookover

lastlog, as the name might suggest, shows the available accounts and the last times they logged in.

2013-12-19-lv-r1fz6-lastlog

And that may be all it does, with a few other flags that trim the search dates or specify a user name.

It raises a question for me though. I don’t have a multiuser system to check on, but can I list all the users on a system with this tool?

You can see in the screenshot that without sudo I can see all the users available on this computer; should I attribute that to being the only user?

I wouldn’t dare call that a security flaw, but knowing available accounts seems like half the challenge.

And now I will stop talking about things I really don’t know, and tell something I do: lastlog is part of shadow in Arch, but I can’t seem to find it in Debian.

Usually I find shadow’s equivalent in passwd in Debian, but I don’t see lastlog in the list of files there. Someone give me a push. … 😕

4 thoughts on “lastlog: Another brief lookover

Comments are closed.