From owner-freebsd-security Mon Aug 13 10:46:27 2001 Delivered-To: freebsd-security@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id CB98D37B405 for ; Mon, 13 Aug 2001 10:46:21 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 23647 invoked from network); 13 Aug 2001 17:46:06 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 13 Aug 2001 17:46:06 -0000 Message-ID: <001101c1241f$d9f9fdf0$0d00a8c0@alexus> From: "alexus" To: "Ivan Krstic" , References: <000b01c1241d$1feb9970$0d00a8c0@alexus> <20010813193429.Z3889@gnjilux.cc.fer.hr> Subject: Re: bin user Date: Mon, 13 Aug 2001 13:46:15 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2526.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2526.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org thats what i meant:) ----- Original Message ----- From: "Ivan Krstic" To: Sent: Monday, August 13, 2001 1:34 PM Subject: Re: bin user > On Mon, Aug 13, 2001 at 01:26:44PM -0400, alexus wrote: > > is it safe to allow user bin have shell but with password that no one will > > know? > > [snip] > If the only reason to give the bin user a shell is so you can su to this > account, there's no need to assign a password at all. The shadow file entry > illustrates this: > bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin > > Note the second field is an asterisk, which is an impossible hash (no password > will ever match). So, just assign this user a valid shell, and leave the > password the way it already is. > > Best regards, > > -- > Ivan Krstic - ike > " life is the road beneath my feet, > love is the girl I wait to meet, > and art is everything I create, > rob me of any and I will hate, > you, my God, my devil, my fate " > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message