On 2 October 2014 16:19, Jason L Tibbitts III tibbs@math.uh.edu wrote:
"SJS" == Stephen John Smoogen smooge@gmail.com writes:
SJS> In this case that would be close to a hundred thousand accounts SJS> linked to /bin/noshellforyou for the 3200 that are cla+1.
Just stating a solution. It would actually work, after all. Whether it's worth the annoyance and any potential security exposure, I don't know. But if you want to display something to CLA+0 people but not CLA+1 people then, well, I believe that is the only way to do it.
SJS> In the past that was a great way to DOS a machine..
Maybe back in 1994 or something. I really doubt this is a consideration these days.
Well 2008. It was having too many unused accounts with too little memory to deal with having a good many of them looked up at the same time. In that case it was a ssh bot and then compounded by a student saying "hey let me go through ldap and login in and see how many people have the password password. And an account system which had accounts for students since 1980 in it (most of them set to /bin/nologin)
- J<