Re: Preventing logins /bin/false ?

To: Ian Perry <iperry@inertia.com.au>
Cc: 'Debian Users' <debian-user@lists.debian.org>
Subject: Re: Preventing logins /bin/false ?
From: Michael Heldebrant <hmike@portalofevil.com>
Date: 17 Aug 2001 00:16:28 -0500
Message-id: <[🔎] 998025389.7624.21.camel@sandworm>
In-reply-to: <[🔎] 003101c126c8$1712b060$127509d2@inertia.com.au>
References: <[🔎] 003101c126c8$1712b060$127509d2@inertia.com.au>

On 17 Aug 2001 12:55:35 +1000, Ian Perry wrote:
> Hi,
> 
> Quick question.
> I have been using /dev/null to prevent shell logins (yet still leave pop3
> etc running) as follows:
> username:x:1000:1000:Mr User,,,:/home/homedir:/dev/null
> 
> I noticed that the shell can also be put as /bin/false as in ftp
> 
> I prefer /dev/null as the user is instantaneously disconnected without any
> messages.
> 
> Is there a possible problem with this ?

I'm not sure but from the false info page:

   This version of `false' is implemented as a C program, and is thus
more secure and faster than a shell script implementation, and may
safely be used as a dummy shell for the purpose of disabling accounts.

I'm not sure if exec /dev/null is bad, it may just fail since it's not
executable.  Check your log files for error messages from logins from
your /dev/null users.

--mike

Reply to:

References:
- Preventing logins /bin/false ?
  - From: "Ian Perry" <iperry@inertia.com.au>

Prev by Date: Re: xawtv and NFS won't play
Next by Date: virtual console on serial port
Previous by thread: Preventing logins /bin/false ?
Next by thread: Re: Preventing logins /bin/false ?
Index(es):
- Date
- Thread