Re: Adding /bin/false to /etc/shells

To: debian-user@lists.debian.org
Subject: Re: Adding /bin/false to /etc/shells
From: Johann Spies <jspies@sun.ac.za>
Date: Tue, 19 Dec 2006 12:34:12 +0200
Message-id: <[🔎] 20061219103412.GB28478@sun.ac.za>
Mail-followup-to: Johann Spies <jspies@sun.ac.za>, debian-user@lists.debian.org
In-reply-to: <[🔎] em7so8$dis$1@kristal.wpmills.com>
References: <[🔎] 20061218154926.wpmrskdxt64kggsw@webmail.dds.nl> <[🔎] em7so8$dis$1@kristal.wpmills.com>

On Mon, Dec 18, 2006 at 11:19:00PM -0600, W Paul Mills wrote:
> > /etc/shells? Most notably, are there any security considerations?
> > 
> > I wish to create a user that can log in to my FTP server, but without
> > shell access. I can prevent the shell access by specifying /bin/false as
> > the user shell. But my ProFTPD server will only allow this user to log
> > in if /bin/false is present in /etc/shells. By default this is not the
> > case.
> 
> I do not have an authoritative answer. Personally, I do not see
> a problem.
> 
> I have wu-ftp available here, and did some testing with it. Found
> the same problem here. Another thing that works is to use /bin/rbash

vsftpd also do not allow one to log in when the shell is /bin/false.

Regards
Johann

-- 
Johann Spies          Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch

     "And the angel said to her, " Do not be afraid, Mary; 
      for you have found favor with God. And behold, you 
      will conceive in your womb, and bear a son, and you 
      shall name Him Jesus."       Luke 1:30,31

Reply to:

References:
- Adding /bin/false to /etc/shells
  - From: "L.W. van Braam van Vloten" <lucas2@dds.nl>
- Re: Adding /bin/false to /etc/shells
  - From: W Paul Mills <Paul-NOT@Mills-USA.com>

Prev by Date: Re: qemu-make-debian-root problem
Next by Date: Re: Palm III xe
Previous by thread: Re: Adding /bin/false to /etc/shells
Next by thread: tg3 driver and kernel 2.6.8
Index(es):
- Date
- Thread