* Andreas Barth ([EMAIL PROTECTED]) wrote: > * sean finney ([EMAIL PROTECTED]) [051026 14:20]: > > i don't think removing and reusing users is a good idea in practice. > > what harm would there be in simply leaving the user account on the > > system permenantly, with maybe locking the account and setting the > > shell to /bin/false? > > Yep, that's probably best practice.
In a 'best practice' setup, I'd think it's certainly be much better for
unused accounts to not exist than to have them exist but be locked out
through some means. I'm not a huge fan of trusting 'lock-out'
mechanisms as they can be different for different authentication
systems.
Thanks,
Stephen
signature.asc
Description: Digital signature
