14 May
2018
14 May
'18
21:22
On 14.05.2018 00:14, John Andersen wrote:
Is it customary and usual for User nobody to have /bin/bash as a shell? It seems that Opensuse is the only linux I have that allows this.
Most have nologin or /bin/false.
nobody is used for root_squash in NFS usually. See here: http://fullyautolinux.blogspot.de/2015/11/nfs-norootsquash-and-suid-basic-nf... But since exploiting suid binaries does not require a login, setting the shell to false/nologin does not change the security level.