Re: shell of place-holder accounts (shouldn't be a valid shell)

Chris Ulrich <cdulrich@ucdavis.edu> wrote:
>   On most unix systems, there are accounts that exist not for users
> but to make the filesystem look nice (uids get names instead of
> numbers with ls) or for security isolate special purpose processes
> from the rest of the system. Examples of this are the nobody user, for
> root squashed NFS, the qmail user for the different qmail daemons, the
> http user for the web server, and so on. Debian has quite a few of
> these users in the default /etc/passwd.

These are not there only to make sure that ls looks nice.  These
entries also are there to ensure that these ids are not inadvertently

>   Given that these accounts *never* need to have someone use them, it
> seems like a needless security flaw to give them a shell in /etc/passwd.

Note that some of the uids you gave as examples have something
appropriate (/bin/false) for their shell.

However, overall I agree that passwordless system ids should all have
/bin/false.  (And there should be some well advertised debian mechanism
besides su for root to adopt these identities -- one that always uses
$SHELL or /bin/sh.)
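An audit script for the point made above (system ids with a usable shell), added here as an example and not part of the thread. It assumes Debian's convention that regular users start at uid 1000 and that /usr/sbin/nologin is as acceptable as /bin/false; the passwd data is constructed, not taken from a real host.

```shell
#!/bin/sh
# List placeholder (service) accounts whose login shell is still a real
# shell instead of /bin/false or nologin.

# Constructed sample of /etc/passwd; not from any real system.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/false
www-data:x:33:33:www-data:/var/www:/bin/sh
qmaild:x:64011:64011::/var/qmail:/bin/false
alice:x:1000:1000:Alice:/home/alice:/bin/bash'

# Shells treated as safe for an account nobody should log in as.
SAFE_SHELLS='/bin/false /usr/sbin/nologin /sbin/nologin'

# audit_passwd PASSWD_TEXT MIN_USER_UID
# Prints "name:uid:shell" for each placeholder account with a usable
# shell. Placeholder means: not uid 0, and uid outside the regular-user
# range [MIN_USER_UID, 60000) (assumption: Debian's 1000+ convention,
# with 60000+ treated as reserved/system ids such as nobody).
audit_passwd() {
    printf '%s\n' "$1" | awk -F: -v minuid="$2" -v safe="$SAFE_SHELLS" '
    BEGIN { n = split(safe, s, " "); for (i = 1; i <= n; i++) ok[s[i]] = 1 }
    {
        uid = $3 + 0
        # An empty seventh field means login(1) falls back to /bin/sh,
        # so an empty shell is NOT a safe shell.
        shell = ($7 == "") ? "/bin/sh" : $7
        if (uid == 0) next                        # root keeps its shell
        if (uid >= minuid && uid < 60000) next    # real users, out of scope
        if (shell in ok) next                     # already /bin/false etc.
        printf "%s:%d:%s\n", $1, uid, shell
    }'
}

# Number of offending accounts, for a one-line summary.
count_offenders() {
    audit_passwd "$1" "$2" | wc -l | tr -d ' '
}

audit_passwd "$SAMPLE_PASSWD" 1000
```

On a live host, replace the sample with `$(cat /etc/passwd)`; any line printed is an account that should be given /bin/false.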


