Paolo sayed : "The daemon do not start a shell (that is started when the user login)."
Ok, but i don't want ftp users to have any kind of access to shells, just pure ftp connexions, that's all. Should I remove in /bin/sh for user nobody in /etc/password? Mico. -----Original Message----- From: Paolo Pantaleo [mailto:[EMAIL PROTECTED] Sent: jeudi 29 septembre 2005 17:45 To: [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: proftpd using nobody user with /bin/sh ? 2005/9/29, micobros <[EMAIL PROTECTED]>: > > > > Hello, > > > > Proftpd is launched with user nobody. I was wondering why this user had to > have a default shell set to /bin/sh. Is there any reason for that? Can I > modify it to /bin/false? Is it a security problem to have a service like > Proftpd (running standalone) running with the default shell to /bin/sh? > > > > > > Chears, > > > > > > Mico. When you run a daemon it changes his user id to something (in this case it is nobody) so it can get the privileges of that user. The user id change is done in the same process(that will eventually fork, but this doesn't matter). The daemon do not start a shell (that is started when the user login). PAolo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
