How to execute with /bin/false shell
- by Amar
I am trying to setup per-user fastcgi scripts that will run each on a different port and with a different user. Here is example of my script:
#!/bin/bash
BIND=127.0.0.1:9001
USER=user
PHP_FCGI_CHILDREN=2
PHP_FCGI_MAX_REQUESTS=10000
etc...
However, if I add user with /bin/false (which I want, since this is about to be something like shared hosting and I don't want users to have shell access), the script is run under 1001, 1002 'user' which, as my Google searches showed, might be a security hole. My question is: Is it possible to allow user(s) to execute shell scripts but disable them so they cannot log in via SSH?