Excuse my ignorance, but what is then the idea behind the users with interactive shell instead of a /bin/false or similar?
> > On Tue, Apr 14, 2009 at 06:09:39PM +0200, Ante Karamati?? wrote: > > > Next are users with /bin/bash. If those users would have /bin/false, > > > they won't be able to run jobs from cron. > > > > The idea that setting a shell makes a service user vulnerable to > > exploitation is ridiculous. If a service were exploited, the attacker > > would have arbitrary code control, and could spawn whatever program they > > wanted, regardless of the configured shell. > > That's correct. Anyway, my claim that a user wouldn't be able to use > cron if it has /bin/false shell, is wrong. -- Alberto Sierra Reales [aesetres] IT Consultant Cel. 8319-1805
-- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam