Am 17. Sep, 2002 schwätzte Kevin Brown so:
> Use useradd and set the shell to /bin/false. This prevents a user from
> logging in as that account (even if they guess the password).
Excellent extra step. Locking the account will prevent guessing passwords,
though.
Don't change system acount shells to /bin/false, though. It is helpful, for
instance to su to postgres. Also, if the dist has an account with a shell
that shouldn't have it, the proper fix is to file a bug report and get the
dist to fix it.
ciao,
der.hans
--
# https://www.LuftHans.com/ http://www.TOLISGroup.com/
# I've got a photographic memory,
# but I'm lousy photographer. - der.hans
(text/plain)