"L.W. van Braam van Vloten" <[EMAIL PROTECTED]> writes: > Hello group, > > Is there any objection against adding /bin/false to the file > /etc/shells? Most notably, are there any security considerations?
It's common to use /bin/false for users who can't log in, and that usually includes blocking access to FTP, so it might be a surprise to a future admin who adds a user with a shell of /bin/false to find that this user can actually log in to FTP. A common technique which is probably better is to set the shell to something like "/bin/ftponly", and either make that a symlink to /bin/false or else just leave it nonexistent. Nobody will be surprised that a user with a shell of "/bin/ftponly" can log in to FTP, and the user still won't be able to log in to a shell. ----Scott. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
