[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Adding /bin/false to /etc/shells

> On Mon, Dec 18, 2006 at 03:49:26PM +0100, L.W. van Braam van Vloten wrote:
> > Is there any objection against adding /bin/false to the file  
> > /etc/shells? Most notably, are there any security considerations?
> > 
> > I wish to create a user that can log in to my FTP server, but without  
> > shell access. I can prevent the shell access by specifying /bin/false  
> > as the user shell. But my ProFTPD server will only allow this user to  
> > log in if /bin/false is present in /etc/shells. By default this is not  
> > the case.

On 18.12.06 12:10, Roberto C. Sanchez wrote:
> You don't even need to have /bin/false in /etc/shells.  In fact, you can
> give the user any binary which is not in /etc/shells and he won't be
> able to log in.  But /bin/false is the usual for users not permitted to
> login via the shell.

and permitted to log in via FTP.

Yes, logins like ftponly, passwd, scponly and nologin are more intuitive...

Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.

Reply to: