OTERO Hernan Gustavo EDS wrote: 

> Looking in the /etc/passwd in my RH 8.0 instalation, the users
> 
> news:x:9:13:news:/etc/news:
> rpm:x:37:37::/var/lib/rpm:/bin/bash
> 
> has shell. Why this users need shell?

I don't know why RH does this. But having a valid shell in /etc/passwd
is not sufficent for an attacker. The account also must have a valid
password in /etc/shadow (or wherever your OS keeps them).  Usually the
role-accounts look somewhat like this:

bin:*:9797:0:::::
ftp:*:9797:0:::::
daemon:*:9797:0:::::
adm:*:9797:0:::::

The "*" or some other symbol like "!" means, that this is not a valid
password and so nobody can enter a correct password for this account.
Phil

Reply via email to