File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Linux / UNIX and the fly likes system users login and login shell Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Linux / UNIX
Bookmark "system users login and login shell" Watch "system users login and login shell" New topic
Author

system users login and login shell

Alessandro Ilardo
Ranch Hand

Joined: Dec 23, 2005
Posts: 218
Hi there,
(newbie)
just a question to improve my security knowledges about system users and their login.

A friend of mine suggested me to disable the login and set the shell to /bin/false for system users such as HTTP Apache, Tomcat, JBoss and Mysql; in order to don't allow possible hackers take over their identity and make mess with the web applications.
It makes sense, but it doesn't give me the oppotunity to restart those services as their relative users, because I can't login at all, neither with "su" command.
What the best compromise?
(Suse 10.1)

Thanks in advance
[ February 04, 2007: Message edited by: Alessandro Ilardo ]

trying to decode a woman mind....
Alessandro Ilardo
Ranch Hand

Joined: Dec 23, 2005
Posts: 218
sudo
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16061
    
  21

Actually, you should be able to use the "su" command. Unless you're running su with the option that causes the account's login script to be executed.


Customer surveys are for companies who didn't pay proper attention to begin with.
Alessandro Ilardo
Ranch Hand

Joined: Dec 23, 2005
Posts: 218
useful answer to my issue
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: system users login and login shell