| Author |
system users login and login shell
|
Alessandro Ilardo
Ranch Hand
Joined: Dec 23, 2005
Posts: 218
|
|
Hi there,
(newbie)
just a question to improve my security knowledges about system users and their login.
A friend of mine suggested me to disable the login and set the shell to /bin/false for system users such as HTTP Apache, Tomcat, JBoss and Mysql; in order to don't allow possible hackers take over their identity and make mess with the web applications.
It makes sense, but it doesn't give me the oppotunity to restart those services as their relative users, because I can't login at all, neither with "su" command.
What the best compromise?
(Suse 10.1)
Thanks in advance
[ February 04, 2007: Message edited by: Alessandro Ilardo ]
|
trying to decode a woman mind....
|
 |
Alessandro Ilardo
Ranch Hand
Joined: Dec 23, 2005
Posts: 218
|
|
sudo 
|
|
Tim Holloway
Saloon Keeper
Joined: Jun 25, 2001
Posts: 14460
|
|
|
Actually, you should be able to use the "su" command. Unless you're running su with the option that causes the account's login script to be executed.
|
Customer surveys are for companies who didn't pay proper attention to begin with.
|
|
Alessandro Ilardo
Ranch Hand
Joined: Dec 23, 2005
Posts: 218
|
|
|
useful answer to my issue
|
|
 |
|
|
subject: system users login and login shell
|
|
|
0
