Date: Tue, 22 Jan 2002 22:58:05 -0500 From: parv <parv_@yahoo.com> To: f-q <freebsd-questions@freebsd.org> Subject: is /usr/bin/passwd advisable as a login shell for ftp only users? Message-ID: <20020123035805.GA92721@moo.holy.cow>
next in thread | raw e-mail | index | archive | help
in a private newsgroup in a discussion about shells, somebody posted that /usr/bin/passwd is also a potential shell, along w/ sh, csh, etc. in reply, i thought out loud that that was a blunder and noted that it's for changing password. in reply to which the other person said that /usr/bin/passwd is not a blunder for users who have ftp only account. and, when a ftp user connects to the server -- via ssh or telnet -- they can change their password. (i assume that after password change user is logged off.) something tells me that using passwd (as a login shell) is bad thing, but i cannot come up w/ technical reasons. it seems to be a security risk waiting to happen. is /usr/bin/passwd advisable as a login shell for ftp only users, for that matter, for anybody? - waiting to be enlightened -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020123035805.GA92721>