tcsh
Root Boy Jim
rbj at dsys.icst.nbs.gov
Wed May 31 03:07:42 AEST 1989
? From: Jerry Peek <jdpeek at rodan.acs.syr.edu>
? /etc/shells is there for security. Don't put untested shells in the file.
No it's not. It's there for the SA's piece of mind when J. Random Hacker's
turbo-charged replacement shell core dumps and he can't log in and has
to ask Mr. Root Person to `cp /bin/sh ~jrh/bin/tcrsh' until the next bug.
Note that this still allows `echo exit | tee .cshrc .login > .profile'.
Perhaps /etc/shells was designed to avoid using a suid or guid shell
that I currently cannot execute. If so, then let that be the
requirement, or ban suid, gid, and sticky bit files altogether. Much
simpler, and more flexible.
A reasonable compromise would allow anything in /bin.
? --Jerry Peek; Syracuse University Academic Computing Services; Syracuse, NY
? jdpeek at rodan.acs.syr.edu, jdpeek at suvm.bitnet
? +1 315 443-3995
Root Boy Jim is what I am
Are you what you are or what?
More information about the Comp.unix.questions
mailing list