Date: Tue, 02 Nov 1999 10:48:18 -0500 From: John <papalia@UDel.Edu> To: Sheldon Hearn <sheldonh@uunet.co.za>, freebsd-questions@freebsd.org Subject: Re: /nonexistent vs. /sbin/nologin Message-ID: <4.1.19991102104653.009c23f0@mail.udel.edu> In-Reply-To: <3824.941533281@axl.noc.iafrica.com> References: <Your message of "Mon, 01 Nov 1999 23:45:13 EST." <4.1.19991101232918.00943730@mail.udel.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
>> When i went into vipw though, I noticed that both "/nonexistent" and >> "/sbin/nologin" exist. What is the difference between those? And >> also, which is considered more secure? > >There's no difference in terms of security. The /sbin/nologin method >prints out a friendly "piss off" message, while /nonexistent does not. >However, /nonexistent will work on most non-FreeBSD platforms, which >makes supposedly makes migrating passwd files easier. > >Personally, I think that's a pretty lame motivation. While it's mostly >religious, your end-users will certainly appreciate /sbin/nologin more. Knowing that neither opens (software) security holes is a good thing. Just now comes down to deciding which to use. Thanks again for the info! --John To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19991102104653.009c23f0>