Stuart: actually you want code to run as underprivileged as possible. Here none of glance (or nova) runs as root, which is good. Only the postinst packaging script (and upstart script) do... So maybe keeping /bin/bash as shell is the best trade-off.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/890362 Title: Should glance user's shell be /bin/false? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/890362/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
