Re: Adding /bin/false to /etc/shells
On Mon, Dec 18, 2006 at 11:19:00PM -0600, W Paul Mills wrote:
> > /etc/shells? Most notably, are there any security considerations?
> > I wish to create a user that can log in to my FTP server, but without
> > shell access. I can prevent the shell access by specifying /bin/false as
> > the user shell. But my ProFTPD server will only allow this user to log
> > in if /bin/false is present in /etc/shells. By default this is not the
> > case.
> I do not have an authoritative answer. Personally, I do not see
> a problem.
> I have wu-ftp available here, and did some testing with it. Found
> the same problem here. Another thing that works is to use /bin/rbash
vsftpd also do not allow one to log in when the shell is /bin/false.
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"And the angel said to her, " Do not be afraid, Mary;
for you have found favor with God. And behold, you
will conceive in your womb, and bear a son, and you
shall name Him Jesus." Luke 1:30,31