nologin for users
dneumann at gmx.com
Tue Feb 19 10:15:20 PST 2002
> Login has documentation on how to stop all users but root from logging
> a system. Otherwise, all users may login. This poses a threat, I think,
> for users like "nobody" that aren't really users, but rather are dummy
> users. Assuming I set a password for that account, passwords can still be
> cracked, and that would lead to a security defect.
Why set a password for pseudos? Have a look at your /etc/shadow and you see
something like that:
See the ! in the password field? This mark restricts all logins with this
account. You CANT login as nobody.
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message
More information about the lfs-security