"Unix Tools" <[EMAIL PROTECTED]> writes: > Assign the user an rbash shell. > Quite restrictive.
It's not restrictive enough for a potentially malicious user (which is the case here, because the original poster knew the password could be sniffed). If you're going to give a shell at all in such cases, you need to use jail(8) or at least chroot(8). In this case, the original poster specifically said he wanted to give the account no password at all (which is, of course, even more restrictive), so these are overkill for this situation. Restricted shells really aren't for security uses. They are too easy to break out of (if you let them run any useful programs, anyway). To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
