system users and /bin/false ?
gerard at linuxfromscratch.org
Mon Dec 11 11:58:06 PST 2000
> What is the difference above with using /bin/false in the shell field for
> nobody vs. having nothing for bin's shell field? I have always been
> curious about this. man false tells me a little... Someone with a shell
> /bin/false should not be able to login (I think).!?
if /etc/passwd does not contain a shell for a user it will default to /bin/sh
for most applications (like login). Some apps don't allow you to login like
proftpd. But in most cases /bin/sh will be assumed and used. Adding
/bin/false to the password field effectively disallows a user to login
-*- If Linux doesn't have the solution, you have the wrong problem -*-
More information about the lfs-security