From owner-freebsd-security  Wed Apr  4 22:44:15 2001
Delivered-To: freebsd-security@freebsd.org
Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2])
	by hub.freebsd.org (Postfix) with ESMTP
	id 272C037B50C; Wed,  4 Apr 2001 22:44:08 -0700 (PDT)
	(envelope-from jwyatt@rwsystems.net)
Received: from bsdie.rwsystems.net([209.197.223.2]) (2288 bytes) by bsdie.rwsystems.net
	via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp
	(sender: <jwyatt@rwsystems.net>) 
	id <m14l2Y9-000CCVC@bsdie.rwsystems.net>
	for <freebsd-security@freebsd.org>; Thu, 5 Apr 2001 00:43:17 -0500 (CDT)
	(Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25)
Date: Thu, 5 Apr 2001 00:43:17 -0500 (CDT)
From: James Wyatt <jwyatt@rwsystems.net>
To: Kherry Zamore <dknj@dknj.org>
Cc: freebsd-stable@freebsd.org, freebsd-security@freebsd.org
Subject: Re: su change?
In-Reply-To: <005401c0bc63$7cb36650$0202a8c0@majorzoot>
Message-ID: <Pine.BSF.4.10.10104031434320.4963-100000@bsdie.rwsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 3 Apr 2001, Kherry Zamore wrote:
> Just recently my friend locked himself out of his machine by changing root's
> shell to a nonexisting file.  The only way he could become root again was by
> rebooting the machine into single user mode and changing it from there.  Now
> while I know that its foolish to change root's shell in the first place, i
> don't think this is an acceptable punishment for those that do.

Your friend had a "root awakening", eh? Consider it a cheap lesson on:

1) Use chsh to change shells *always*. If not, use vipw at least.

2) sudo can be a handy beast. It helps forgotten root passwords too!

3) Playing with root's shell is dangerous and, I'm sorry, just stupid. If
your new shell has shared libs on another filesystem that fails to mount,
you are toast. (BillVer can attest to this from csh on the Tandy 6000.)
Scripts should spec their shell, but you could still get caught there too.
The csh v.s. sh debate is part of why 'toor' was created. sudo also gets
around this by letting you use user's favorite shells. 

4) Make a playground. Take some abandoned box and install an OS on it to
"beat up". Do experimental or "crazy" things on *it* first. (At least you
can't kill-off init anymore, you could on the VAX. (^_^)) This is a good
idea for WinServers too, btw. Using Ghost(tm), you can bring your machine
back from the dead in no time.

Any experienced admin has plenty of tales (tightening access until telnet
fails, live ifconfig-ing the WRONG ip, SMTP alias loops, forgetting Caps
Lock was on in vi, etc...). I wouldn't hire an admin that didn't have some
experience with damage control - you don't know how they will react. - Jy@


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message