As part of the reports generated by tiger, I am recieving the following warnings:

Login ID ftp is disabled, but still has a valid shell [/bin/sh].

I recieve this for gopher, uucp, bin, nobody, etc.

Can or should I give them a false shell? How will this effect the OS.

What are you talking about?

Redirect local attempts to Lion and remote attempts to Puppy...

Did you look at what you wrote? We have no freaking clue what you're talking about.

From a quick search on linux.com.....

Tiger: Tiger is a UNIX Security Checker. Tiger is a package consisting of Bourne Shell scripts, C code and data files which is used for checking for security problems on a UNIX system. It scans system configuration files, file systems, and user configuration files for possible security problems and reports them. You can get it from:
http://www.giga.or.at/pub/hacker/unix

My question is concerning the utility mentioned by BluesMan in the above reply. When I run tiger (and not Lion or Puppy) the report it generates tells me exactly what I originally posted. My guess is that tiger is scanning my /etc/passwd file before it comes up with its warning. So my question is do ftp, uucp, gopher, etc. in my /etc/passwd file have valid shells or can I ignore this warning completely? And, if they do have valid shells, what would giving them false shells do?

[This message has been edited by ndelo (edited 10 December 2000).]

Give anything that doesn't need shell access the default shell of /bin/false (or some such nonesense)
As long as the shell doesn't exist.. So, you could give it /bin/lion or /bin/puppy if you wanted.