Date: Sun, 24 May 1998 01:50:39 +0200 (CEST) From: Are Bryne <are.bryne@communique.no> To: Mike Smith <mike@smith.net.au> Cc: freebsd-security@FreeBSD.ORG Subject: Re: SKey and locked account Message-ID: <Pine.BSF.3.96.980524014139.2969A-100000@rune.communique.no> In-Reply-To: <199805231710.KAA01275@antipodes.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 23 May 1998, Mike Smith wrote: > No, they don't. Administrative accounts disallow normal logins. > Having an invalid shell would prevent non-normal logins. I am not sure I understand you here... > Having an invalid shell would prevent non-normal logins. > > It would (perhaps) be worthwhile adding some verbiage to the > description of the shell field to make it clearer that setting it to > refer to /sbin/nologin is the preferred technique for preventing a user > having any access to the system. The current text assumes that the > reader already possesses this knowledge. Then perhaps the default /nonexistent 'shell' for various password file entries should be changed also? Regards, Are Bryne To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980524014139.2969A-100000>