Re: default shell for nobody, once was /bin/true
In traditional unix the su-er inherits the whole environment, therefore he
inherits _lots_ of dangerous stuff. That is true, which means that even if
he wants to protect himself, the su-er gets no chance. He cannot protect
himself, neither can the su-ee stay protected (of course).
Once su is changed the su-er, if careful, has the ability to protect himself.
So far it makes sense Bruce.
Ioannis Tambouras
ioannis@flinet.com, West Palm Beach, Florida
Signed pgp-key on key server.
On Thu, 27 Feb 1997, Bruce Perens wrote:
> I think the problem is that "su" should use $SHELL or /bin/sh if that's
> not set, and not even look at the default shell of the user you are
> su-ing to unless given a flag that says to do so. I think the way it's
> done today is a mistake, because it leaves the system administrator
> running some random program (hopefully an interactive shell) when he or
> she really meant only to assume a user's access rights, not their entire
> environment. I think we should develop a consensus on this point and fix
> the program.
>
> Bruce
>
> From: Kevin Dalley <kevin@aimnet.com>
> ! Date: 27 Feb 1997 08:53:16 -0800
> ! In-Reply-To: csmall@gonzo.triode.net.au's message of Tue, 18 Feb 1997 22:59:08 +1100 (EST)
> ! Message-Id: <87ohd6kx67.fsf@aplysia.iway.aimnet.com>
> ! Lines: 24
> ! X-Mailer: Gnus v5.2.25/XEmacs 19.14
> ! Status: R
> !
> ! csmall@gonzo.triode.net.au writes:
> !
> ! >
> ! > Bruce Perens typed:
> ! > > From: Kevin Dalley <kevin@aimnet.com>
> ! > > > The updatedb cron.daily job runs "su -c command nobody", which works
> ! > > > fine with /bin/sh as the login shell, but fails with /bin/true.
> ! > >
> ! > > The reason is that "su" uses the login shell for the su-ed user from
> ! > > /etc/passwd . I had users who should never have been able to log in
> ! > > using /bin/true as a shell so that if somehow they did log in they'd
> ! > > be logged out immediately (true's only function is to exit with 0 status).
> ! > > This broke "su", so I had to change those login shells to /bin/sh .
> ! >
> ! > Can't you use "su -c command -s /bin/sh nobody" ?
> ! >
> !
> ! In theory, yes. However, "-s" is not a standard su command line
> ! argument, though it is available on our system. I prefer to try a
> ! command that will work with most su implementations
> --
> Bruce Perens K6BP Bruce@Pixar.com 510-215-3502
> Finger bruce@master.Debian.org for PGP public key.
> PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6 1F 89 6A 76 95 24 87 B3
>
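The failure mode the thread describes, as an added example (not code from the thread or from any su implementation): traditional su hands "su -c CMD USER" to USER's /etc/passwd login shell as "<shell> -c CMD", and /bin/true discards its arguments and exits 0, so the cron job's command is skipped while the exit status still reports success. The script assumes a Linux host with /bin/sh, /bin/true and /bin/false; the passwd lines are constructed, not a real /etc/passwd.

```shell
#!/bin/sh
# Mimic su's hand-off for "su -c CMD USER": run CMD through USER's login shell.
run_via_login_shell() {
    _shell=$1
    _cmd=$2
    "$_shell" -c "$_cmd"
}

# Probe whether a login shell really executes a "-c" command: ask it to exit
# with status 42 and check that the status comes back. Returns 0 (yes) / 1 (no).
# /bin/true answers 0 and /bin/false answers 1, so both report "no".
shell_honours_dash_c() {
    rc=0
    "$1" -c 'exit 42' 2>/dev/null || rc=$?
    [ "$rc" -eq 42 ]
}

# Constructed passwd-format sample (assumption: not taken from any real system).
AUDIT_PASSWD='root:x:0:0:root:/root:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/true
ftp:x:107:65534::/srv/ftp:/bin/false
backup:x:34:34:backup:/var/backups:/bin/sh'

# List the accounts for which a plain "su -c CMD USER" (no -s override) would
# silently do nothing, i.e. whose login shell swallows the -c command.
accounts_where_su_c_is_silent() {
    printf '%s\n' "$AUDIT_PASSWD" | while IFS=: read -r user _ _ _ _ _ shell; do
        if ! shell_honours_dash_c "$shell"; then
            printf '%s %s\n' "$user" "$shell"
        fi
    done
}

accounts_where_su_c_is_silent
```

The same probe applied to the shell named with "-s /bin/sh" shows why the workaround in the thread works: the command is then handed to a shell that honours -c regardless of the passwd entry.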