Date: Wed, 2 Apr 1997 14:33:03 -0800 (PST) From: Random Junk <jsd@gamespot.com> To: "Lee Crites (AEI)" <leec@adam.adonai.net>, freebsd-questions@freebsd.org Subject: Re: Users with no shells Message-ID: <199704022233.OAA01955@hudsucker.gamespot.com> In-Reply-To: <Pine.BSF.3.95.970402154120.26495A-100000@adam.adonai.net> References: <199704022105.OAA24533@xmission.xmission.com> <Pine.BSF.3.95.970402154120.26495A-100000@adam.adonai.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Lee Crites (AEI) writes: > I just tried to ftp to the user I was testing the scripts with, and as > soon as I entered the user name, I got back: > 530 User xxxxxx access denied. > Login failed. > Remote system type is UNIX. this works because the ftp daemon checks the file /etc/shells for a list of valid shells. if your script doesn't appear in /etc/shells, the user won't be able to ftp in with that account name. > Would a compiled program be more secure than scripts? I'm sort of > leaning in that direction because you can't 'read' an executable like > you can a script. true. you can probably make your nologin script not-world-readable though. ---jsd "Sanity is a one trick pony...you only get one trick: rational thinking... but when you're good and crazy,the sky's the limit!!" - The Tick.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704022233.OAA01955>