* Andreas Barth (aba@not.so.argh.org) wrote: > * sean finney (seanius@debian.org) [051026 14:20]: > > i don't think removing and reusing users is a good idea in practice. > > what harm would there be in simply leaving the user account on the > > system permenantly, with maybe locking the account and setting the > > shell to /bin/false? > > Yep, that's probably best practice. In a 'best practice' setup, I'd think it's certainly be much better for unused accounts to not exist than to have them exist but be locked out through some means. I'm not a huge fan of trusting 'lock-out' mechanisms as they can be different for different authentication systems. Thanks, Stephen
Attachment:
signature.asc
Description: Digital signature