On Monday March 26 2007 02:41, Bruce Dubbs wrote: > One of the reasons for LFS and BLFS is to explain what is gong on. If > there is no technical merit to it and there are reasons against it, then > "we have always done it that way" is insufficient.
Okay, fair enough. 'nobody' isn't a human user and so should be kept with the system and administrative users, below ID 100. As for /bin/false vs /sbin/nologin, an `su nobody`, or 'named' or something else, with a /bin/false shell will return an error code, but no error message. It's not clear why the login failed. Silent rejection is usually appropriate for malicious use, but this is more like careless use and deserves an error message. robert
pgpTK1js6kzxH.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
