Re: default shell for nobody, once was /bin/true

To: debian-devel <debian-devel@lists.debian.org>
Subject: Re: default shell for nobody, once was /bin/true
From: Ioannis Tambouras <ioannis@flinet.com>
Date: Fri, 28 Feb 1997 02:15:40 -0500 (EST)
Message-id: <[🔎] Pine.LNX.3.95.970228012010.15656B-100000@ohiox.haw.org>
In-reply-to: <m0w0EbH-00MDyiC@golem.pixar.com>

In traditional unix the su-er inherits the whole enviroment, therefore he 
inherits _lots_ of dangerous stuff. Thats is true. Which means that even if
he wants to protect himself, the su-er gets no chance. He cannot protect 
himself, neither can the su-ee stay protected (of course). 

Once su is changed the su-er, if carefull, has the ability to protect himself.
So far it makes sense Bruce. 



Ioannis Tambouras 
ioannis@flinet.com, West Palm Beach, Florida
Signed pgp-key on key server. 

On Thu, 27 Feb 1997, Bruce Perens wrote:

> I think the problem is that "su" should use $SHELL or /bin/sh if that's
> not set, and not even look at the default shell of the user you are
> su-ing to unless given a flag that says to do so.  I think the way it's
> done today is a mistake, because it leaves the system administrator
> running some random program (hopefully an interactive shell) when he or
> she really meant only to assume a user's access rights, not their entire
> environment. I think we should develop a consensus on this point and fix
> the program.
> 
> 	Bruce
> 
> From: Kevin Dalley <kevin@aimnet.com>
> ! Date: 27 Feb 1997 08:53:16 -0800
> ! In-Reply-To: csmall@gonzo.triode.net.au's message of Tue, 18 Feb 1997 22:59:08 +1100 (EST)
> ! Message-Id: <87ohd6kx67.fsf@aplysia.iway.aimnet.com>
> ! Lines: 24
> ! X-Mailer: Gnus v5.2.25/XEmacs 19.14
> ! Status: R
> ! 
> ! csmall@gonzo.triode.net.au writes:
> ! 
> ! > 
> ! > Bruce Perens typed:
> ! > > From: Kevin Dalley <kevin@aimnet.com>
> ! > > > The updatedb cron.daily job runs "su -c command nobody", which works
> ! > > > fine with /bin/sh as the login shell, but fails with /bin/true.
> ! > > 
> ! > > The reason is that "su" uses the login shell for the su-ed user from
> ! > > /etc/passwd . I had users who should never have been able to log in
> ! > > using /bin/true as a shell so that if somehow they did log in they'd
> ! > > be logged out immediately (true's only function is to exit with 0 status). 
> ! > > This broke "su", so I had to change those login shells to /bin/sh .
> ! > 
> ! > Can't you use "su -c command -s /bin/sh nobody" ?
> ! > 
> ! 
> ! In theory, yes.  However, "-s" is not a standard su command line
> ! argument, though it is available on our system.  I prefer to try a
> ! command that will work with most su implementations
> --
> Bruce Perens K6BP   Bruce@Pixar.com   510-215-3502
> Finger bruce@master.Debian.org for PGP public key.
> PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6  1F 89 6A 76 95 24 87 B3 
>

Reply to:

Prev by Date: Re: XEmacs, Emacs and elisp
Next by Date: Re: Freezing Bo (Debian 1.3)
Previous by thread: Re: default shell for nobody, once was /bin/true
Next by thread: New package: HTML-check : An HTML validation suite
Index(es):
- Date
- Thread