> -----Original Message----- > From: redhat-list-admin@xxxxxxxxxx > [mailto:redhat-list-admin@xxxxxxxxxx]On Behalf Of j.travis > Sent: Wednesday, December 17, 2003 10:59 AM > To: redhat-list@xxxxxxxxxx > Subject: Re: password confirmation > > > I was able to su to a user with a shell of '/bin/false' > successfully and > continue working with the new users permissions. Does the > shell even get > changed after an 'su'? Are you sure? Does "whoami" show that you're the new user? At any rate, su'ing to a user with an invalid shell would actually test if the password is correct or not, because a wrong password will return a failure message from su. You just shouldn't be able to execute any commands as the user. -Steve -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
