Path: utzoo!attcan!utgpu!watmath!att!tut.cis.ohio-state.edu!mailrus!ncar!tank!mimsy!kilroy
From: kilroy@mimsy.UUCP (kilroy hasn't been here in *weeks*)
Newsgroups: comp.unix.wizards
Subject: Shutting off accounts (was: "Re: Multiple Root ID's ...")
Summary: Give them something to look at.
Keywords: accounts, /dev/null, shutoff, `Woof!'
Message-ID: <19711@mimsy.UUCP>
Date: 21 Sep 89 15:11:19 GMT
References: <435@lxn.eds.com> <347@galadriel.bt.co.uk> <4183@buengc.BU.EDU> <7383@rpi.edu> <2449@crdgw1.crd.ge.com>
Reply-To: kilroy@mimsy.umd.edu.UUCP (Darren F. Provine)
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
Lines: 19
Disclaimer: This article was not pre-approved by the University.  Neither was
            my dog Brandy, who actually wrote it.


In article <2449@crdgw1.crd.ge.com> barnett@crdgw1.crd.ge.com
	(Bruce Barnett) writes:
>
>In article <7383@rpi.edu>, night@pawl (Trip Martin) writes:
>>The method I've seen, and used on at least one occasion to plug that
>>hole is to make their login shell something that can't be executed,
>>usually /dev/null.
>
> I seen to recall that something complained when I used /dev/null.
>Perhaps a log file. I have since then used /bin/true.

Changing the password field to something invalid (eg, `*') is more
straightforward, but if you really want to keep an account from being
used by changing the shell I'd recommend /usr/ucb/yes . . .


kilroy@mimsy.umd.edu        Darren F. Provine         ...uunet!mimsy!kilroy
"Money is far more persuasive than logical arguments." --Euripides