security question - /bin/false

on most of my linux servers
when i run cat /etc/passwd at the top, you see root,bin,daemon, etc... but they don't have any shells specified...
so what i did was
passwd adm
passworded it, then logged in the box with user adm/and the pw i picked

It gave me a shell
basic, bash$2.04
my questoin is
is it ok for me to set bin,daemon,adm,operator, games,uucp's SHELL as /bin/false ? i dont think it would harm anything, would it??

I set user "nobody"'s shell to /bin/false

restaarted apache, went fine?
(apache runs as nobody)

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
sync:x:5:0security question - /bin/falseync:/sbin:/bin/sync
shutdown:x:6:0security question - /bin/falsehutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:
nobody:x:99:99:Nobody:/:

Can anyone help?

 

 

 

 

Top