How to run program as another user - and permanently dropping
current user privileges?
Chris Carey
chris.carey at gmail.com
Tue Mar 13 17:50:19 MDT 2007
On 3/13/07, Kenneth Burgener <kenneth at mail1.ttak.org> wrote:
> and all files created by 'myprogram' are created as the 'myuser'
> program, which is what I wanted. But I wonder if having the 'myuser'
> with a default shell (and no password) would be a security hole, and
> possibly allow someone to SSH to my box using this user account. I
> noticed all other daemon users have "/sbin/nologin" as their default
> shell, and I assume they do this for a reason.
>
> Should I be concerned with this?
You can specifically deny SSH logins to that account by editing
/etc/ssh/sshd_config
More information about the PLUG
mailing list