Re: security questions
On Sat, Oct 28, 2000 at 08:36:47PM +0200, Robert Waldner wrote:
> On Sat, 28 Oct 2000 10:06:56 PDT, Peter Jay Salzman writes:
> >also, i noticed that some accounts which are disabled are given a shell of
> >/bin/false:
> >
> > ftp:x:100:65534::/home/ftp:/bin/false
> >
> >tiger seemed to hate this too. i tried playing around with /bin/false.
> >can't seem to figure out what it is. whatever it is, it's tiny. only 4 kb
> >long.
>
>
> there are /bin/true (which gives a return code of 0 when run) and /bin/
> false (which returns 1) (both values IIRC). very handy if you want to
> do something like `if (<bla> || /bin/true)` for some reason.
> giving a shell with /bin/false effectively disables the account´s
> possibility to get a login shell, but (as in case with ftp) shouldn´t
> hinder other services (eg ftp, pop3, .forward etc.).
>
> all of the above is in theory, because I tried that some time
> ago but couldn´t get an ftp-login when the shell was /bin/false, but I
> remember reading about it somewhere...
typically, ftpd checks to see if your shell is in /etc/shells -- if it's
not, you can't ftp.
--
CueCat decoder .signature by Larry Wall:
#!/usr/bin/perl -n
printf "Serial: %s Type: %s Code: %s\n", map { tr/a-zA-Z0-9+-/ -_/; $_ = unpack
'u', chr(32 + length()*3/4) . $_; s/\0+$//; $_ ^= "C" x length; } /\.([^.]+)/g;
Reply to: