-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "Ivan" == \"Ivan R \" <Ivan> writes:
Ivan> hi all! i want a password file without hole. Ivan> so i have now in /etc/passwd: Ivan> root with /bin/bash Ivan> daemon, bin and sys with /bin/sh Ivan> sync with /bin/sync Ivan> normal users with /bin/bash Ivan> ftp users with /bin/noshell Anything that is not a real user can have its shell set to /bin/false. In fact, depending on how your system is set up, you could probably even set root's shell to /bin/false. Just make sure that you have some way of doing stuff as root (e.g. sudo), and that you don't kill single mode. (Never tried this, but I don't see why you couldn't do this.) So daemon, bin, sys, ftp, www-data, mail, mysql, etc. can probably be set to /bin/false. (Why does Debian not do this by default?) I don't know what the sync user is for, though, so I don't know if you can set it to /bin/false. /bin/sync looks like it was put there for a reason. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8P6bKZRhU33H9o38RArsIAKCY+idTjmRqnLlZK60R586wjpxtnwCgwnL+ FJUq6Y7683pJX1Fkz4oEauQ= =g3hk -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]