Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Below is my passwd file. I was wondering why is there other accounts installed by default? And, why would they have /bin/sh as their shell? Isn't that a security hole? Should I switch their shell to /bin/false? Will that break anything?
there are many accounts installed by default on even the most basic Unix install.
This is a good thing.
What it means is that every one of those programs will be working (at least in part) as a normal user instead of as root which increases the security of your system.
As for /bin/sh being set as the shell. I don't like this and have sucessfully changed many of those entries to to use /bin/false or /sbin/nologin et al. However this *really* isn't a security hole since if you look @ /etc/shadow you will notice that all of those users have "*" as a password. That basically disables any password-based login so /bin/sh as a shell isn't really insecure.