[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: [Fwd: Still able to log in when password file shell is /bin/false]
From: Roberto Alsina <ralsina () conectiva ! com ! ar>
Date: 2000-06-12 19:20:11
[Download RAW message or body]
On Mon, 12 Jun 2000, Mark Huizer wrote:
> > > But it's common practice to set the shell to /bin/false to temporary
> > > forbid login of a specific user. Note, that its not always a solution to
> > > _remove_ the user from /etc/passwd. After all, it might not exist in
> > > /etc/passwd, but in NIS, and may be there are also deeper implications of
> > > removing a user from network (accouting informations, homedirs, such
> > > things).
> >
> > Oh yes, /etc/passwd might not be the only place where the access
> > rights / user info are held, but I assume that this poster is
> > using /etc/passwd for that, as they are setting the shell in
> > there.
> >
> > Anyway, the point is, it's not KDE's fault, because KDE isn't
> > a shell in the same sense :)
>
> But it is a way of logging in, so it should take that responsibility.
> Setting a shell to various things like false, or nologin or even the
> nonexistant version is a common practice for not allowing shell logins
> (think ftp, pop), and you don't want those users to get the login for
> free with KDM
Last I checked, changing the shell didn't work for pop (at least on
solaris and AIX). I will not check on linux right now :-)
In fact, xdm and dtlogin didn't block the user when you changed the shell,
either. Changing the shell simply prevents the use of the shell (yes,
tautology ;-)
("\''/").__..-''"`-. . Roberto Alsina
`9_ 9 ) `-. ( ).`-._.`) ralsina@unl.edu.ar
(_Y_.)' ._ ) `._`. " -.-' Director técnico
_..`-'_..-_/ /-'_.' Conectiva SA
(l)-'' ((i).' ((!.' Buenos Aires - Argentina
KDE Developer (MFCH)
"The stone age didn't end for a lack of stone" Firoz Rasul
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic