Re: User?s and Shells
From: Zow (email@example.com)
- Previous message: Nicole Nicholson: "Re: User?s and Shells"
- Maybe in reply to: Brian Hatch: "Re: User?s and Shells"
- Next in thread: Philipp Schulte: "Re: User?s and Shells"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Glynn Clements <firstname.lastname@example.org> Date: Fri, 27 Dec 2002 08:03:21 -0800 From: "Zow" Terry Brugger <email@example.com>
> > Humm. . . On my Mandrake 9.0 box, the rpm user's shell is set to
> > /bin/false ,
> > so I would suspect that you can probably safely change it to that.
> Even this isn't necessarily safe; by the time that the "shell" gets to
I'm sorry -- I wasn't precise enough in my choice of words. By "safely", I
meant with respect to the intended functionality of the system, not
necessarily the security of the system. And you're absolutely right: having
/bin/false there doesn't provide any guarantee of security. It will, however,
aid in protecting against using the account with a default password that was
unintentionally left on the system, or a brute-force attack against that
account. Problems with /bin/false aside, if an attacker can run arbitrary
code as a given user, it doesn't matter what shell (if any) that user is
assigned in /etc/passwd: the attacker can just exec whatever shell they want.