OTERO Hernan Gustavo EDS wrote: > Looking in the /etc/passwd in my RH 8.0 instalation, the users > > news:x:9:13:news:/etc/news: > rpm:x:37:37::/var/lib/rpm:/bin/bash > > has shell. Why this users need shell?
I don't know why RH does this. But having a valid shell in /etc/passwd is not sufficent for an attacker. The account also must have a valid password in /etc/shadow (or wherever your OS keeps them). Usually the role-accounts look somewhat like this: bin:*:9797:0::::: ftp:*:9797:0::::: daemon:*:9797:0::::: adm:*:9797:0::::: The "*" or some other symbol like "!" means, that this is not a valid password and so nobody can enter a correct password for this account. Phil