Date: Wed, 22 Sep 2021 19:47:50 +0200 From: Gary Jennejohn <gljennjohn@gmail.com> To: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net> Cc: Shawn Webb <shawn.webb@hardenedbsd.org>, John Baldwin <jhb@FreeBSD.org>, Baptiste Daroussin <bapt@FreeBSD.org>, current@FreeBSD.org, arch@FreeBSD.org Subject: Re: [HEADSUP] making /bin/sh the default shell for root Message-ID: <20210922194750.55af63d5@ernst.home> In-Reply-To: <202109221552.18MFqsTS050409@gndrsh.dnsmgr.net> References: <20210922154222.6bvnqk4kjjxewy6n@mutt-hbsd> <202109221552.18MFqsTS050409@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Sep 2021 08:52:53 -0700 (PDT) "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > On Wed, Sep 22, 2021 at 08:34:58AM -0700, John Baldwin wrote: > > > On 9/22/21 1:36 AM, Baptiste Daroussin wrote: > > > > Hello, > > > > > > > > TL;DR: this is not a proposal to deorbit csh from base!!! > > > > > > > > For years now, csh is the default root shell for FreeBSD, csh can be confusing > > > > as a default shell for many as all other unix like settled on a bourne shell > > > > compatible interactive shell: zsh, bash, or variant of ksh. > > > > > > > > Recently our sh(1) has receive update to make it more user friendly in > > > > interactive mode: > > > > * command completion (thanks pstef@) > > > > * improvement in the emacs mode, to make it behave by default like other shells > > > > * improvement in the vi mode (in particular the vi edit to respect $EDITOR) > > > > * support for history as described by POSIX. > > > > > > > > This makes it a usable shell by default, which is why I would like to propose to > > > > make it the default shell for root starting FreeBSD 14.0-RELEASE (not MFCed) > > > > > > > > If no strong arguments has been raised until October 15th, I will make this > > > > proposal happen. > > > > > > > > Again just in case: THIS IS NOT A PROPOSAL TO REMOVE CSH FROM BASE! > > > > > > I think this is fine. I would also be fine with either removing 'toor' from the > > > default password file or just leaving it as-is for POLA. (I would probably > > > prefer removing it outright.) > > > > HardenedBSD recently removed toor. No one has complained (yet?). A > > small Twitter poll[0] showed that 85% of people who responded do not > > use toor. > > A truely disastisified customer does not complain, they simply > go some place else for there products. Be carefull in what you > believe silence to be saying. > I use toor on every FreeBSD machine as the root login using bash. I never log in as root. But removing it wouldn't be a deal breaker for me. I'd just put it back into /etc/passwd. > > > > [0]: https://twitter.com/HardenedBSD/status/1415781911063056389 > > > > Thanks, > > > > -- > > Shawn Webb > > Cofounder / Security Engineer > > HardenedBSD > > > > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc > > -- > Rod Grimes rgrimes@freebsd.org > -- Gary Jennejohn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210922194750.55af63d5>