[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /etc/passwd->shell

En réponse à Hubert Chan <hackerhue@geek.com>:

> Anything that is not a real user can have its shell set to /bin/false.
> In fact, depending on how your system is set up, you could probably
> even
> set root's shell to /bin/false.


> Just make sure that you have some way
> of doing stuff as root (e.g. sudo),
> and that you don't kill single
> mode.  (Never tried this, but I don't see why you couldn't do this.)

ok for sudo, but what do you mean by "don t kill single mode"?

> So daemon, bin, sys, ftp, www-data, mail, mysql, etc. can probably be
> set to /bin/false.  (Why does Debian not do this by default?)

i just tried to put /bin/false in /etc/passwd for ftp, www-data, mysql, man
and that s ok. i ll try to do so for daemon, bin and sys at home
(i prefer than to do this at work :p)
> I don't know what the sync user is for, though, so I don't know if you
> can set it to /bin/false.  /bin/sync looks like it was put there for a
> reason.

yes, you re right too. sync is called by updated to flush the filesystem buffers
every 30 seconds.

i ll tell you what about daemon, bin and sys soon.

thanks for all ;D

Ivan R.

Reply to: