U Uto, 14. 04. 2009., u 09:23 -0700, Kees Cook je napisao/la: > On Tue, Apr 14, 2009 at 06:09:39PM +0200, Ante Karamati?? wrote: > > Next are users with /bin/bash. If those users would have /bin/false, > > they won't be able to run jobs from cron. > > The idea that setting a shell makes a service user vulnerable to > exploitation is ridiculous. If a service were exploited, the attacker > would have arbitrary code control, and could spawn whatever program they > wanted, regardless of the configured shell.
That's correct. Anyway, my claim that a user wouldn't be able to use cron if it has /bin/false shell, is wrong. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
