Hi there,
(newbie)
just a question to improve my security knowledges about system users and their login.
A friend of mine suggested me to disable the login and set the shell to /bin/false for system users such as HTTP Apache,
Tomcat,
JBoss and Mysql; in order to don't allow possible hackers take over their identity and make mess with the web applications.
It makes sense, but it doesn't give me the oppotunity to restart those services as their relative users, because I can't login at all, neither with "su" command.
What the best compromise?
(Suse 10.1)
Thanks in advance
[ February 04, 2007: Message edited by: Alessandro Ilardo ]
