[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

security of non-login users



hi there!

i'm wondering if anyone could tell me if there are any particular
concerns i should have about creating additional non-login users
on my system.  if the password field has '*', and the shell is
set to something like /bin/false, /bin/true, or /nonexistent, 
then can i consider that user to be insignificant, as a security
risk?  specifically, the reason i ask is that i want to create
separate users for logging (i'm using a replacement for syslog)
but i just want to make sure that making more non-login accounts
might not compromise the security of my system.

awaiting your comments and/or insights...

thanks,
brian