[SunHELP] Solaris Security
Thu Oct 10 09:53:59 CDT 2002
Hello gurus,
We're in the process of tightening the security on our Solaris Servers and
while setting the "account inactivity" threshold I noticed that some
accounts have *LK* in the second field.
listen:*LK*:::::::
ppp:*LK*:::::::
lanman:*LK*:::::::
john_doe:*LK*:::::30::
Reading through the man pages for /etc/shadow, I understand that the *LK*
must be the "lock string" they refer to. I would then assume that given the
string is present, no one should be able to log into these accounts as they
are locked. My confusion starts when I can "su" to these users from root, so
then I start asking myself what does "locked" really mean.
Anyone have any ideas?
Thanks.
Matthew
More information about the SunHELP
mailing list