|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] More advice on shell scripting and basic admin configurations
|
On Fri, 23 Apr 2010, Mike Leone wrote:
> Date: Fri, 23 Apr 2010 10:20:50 -0400
> From: Mike Leone <turgon@mike-leone.com>
> Reply-To: Philadelphia Linux User's Group Discussion List
> <plug@lists.phillylinux.org>
> To: Philadelphia Linux User's Group Discussion List
> <plug@lists.phillylinux.org>
> Subject: Re: [PLUG] More advice on shell scripting and basic admin
> configurations
>
> Claude M. Schrader had this to say:
>> On 17:12 Thu 22 Apr , Michael Leone wrote:
>>> So I've figured out to edit /etc/password to change the user shell to
>>> /bin/false; this stops the user from being able to telnet in. And I
>>> can change the home folder there, too. Just have to remember to do
>>> that for all new users.
>>
>>
>> Telnet isn't disabled completely?
>
> It is. The point is (generically) that if a user was able to telnet (or
> SSH) in, they could then go into other user's home directories, since by
> default the directories were created world-readable. In my case, I will
> set the shell to /bin/false, so they can't login in any way that gives
> them shell access (telnet, SSH, whatever).
>
>
I'm curious, is there a reason you're using /bin/false instead of
/sbin/nologin?
--
John "Elwin" Edwards
elwin@sdf.lonestar.org
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|