Date: Wed, 04 Apr 2001 17:06:02 -0700 (PDT)
From: John Baldwin <jhb@FreeBSD.org>
To: Jeremiah Gowdy <data@irev.net>
Cc: freebsd-security@FreeBSD.org, freebsd-stable@FreeBSD.org, Kherry Zamore <dknj@dknj.org>, Matthew Emmerton <matt@gsicomp.on.ca>
Subject: Re: su change?
Message-ID: <XFMail.010404170602.jhb@FreeBSD.org>
In-Reply-To: <002d01c0bc6d$2d558390$035778d8@sherline.net>

On 03-Apr-01 Jeremiah Gowdy wrote:
>
>> > if (!chshell(pwd->pw_shell) && ruid)
>> >         errx(1, "permission denied (shell).");
>> >
>> > The only thing we need to prepend to this is a check to see if we are
>> > trying to su to root, which we should allow regardless of the shell
>> > specified:
>>
>> I disagree.  The root account is an account that needs to have the highest
>> number of security checks present.
>
> Then make a point as to why root, when not having a valid shell, not being
> able to log in is a useful security check in any way shape or form.  So

Last time I checked single-user was a shape.  The real problem here is people
changing root's shell.  You shouldn't be logging in as root in the first place.
I remember back in the 2.1.x and 2.2.x days when .cshrc actually used to yell
at people if you logged in as root.  Use sudo, supser, su2, or su -m instead.
Root's login shell and login shell files should be kept simple and sane and not
dinked with.  This is a people problem with the administrators in question and
hacking up su is not the right fix.

-- 

John Baldwin <jhb@FreeBSD.org> -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.baldwin.cx/~john/pgpkey.asc
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
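
The check quoted in the message above, next to the root exemption proposed in the quoted text, modelled as an added example (not part of the original message and not FreeBSD's su source). `shell_listed` is a hypothetical stand-in for `chshell()`, assumed to test membership in the list of approved shells; the list contents, the uids and root's changed shell are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample of an approved-shells file (not taken from the thread). */
static const char SAMPLE_SHELLS[] =
    "# List of acceptable shells\n/bin/sh\n/bin/csh\n\n/bin/tcsh\n";

/* Hypothetical stand-in for chshell(): 1 if sh matches a whole line of the
 * list. Blank lines and '#' comment lines never match. */
static int shell_listed(const char *shells, const char *sh)
{
    size_t want = strlen(sh);
    const char *p = shells;

    while (*p != '\0') {
        size_t len = strcspn(p, "\n");
        if (len > 0 && p[0] != '#' && len == want && strncmp(p, sh, len) == 0)
            return 1;
        p += len;
        if (*p == '\n')
            p++;
    }
    return 0;
}

/* The quoted check: 1 ("permission denied (shell).") when the target's
 * shell is unlisted and the caller's real uid is not 0. */
static int denied_current(const char *shells, const char *pw_shell,
                          unsigned int ruid)
{
    return !shell_listed(shells, pw_shell) && ruid != 0;
}

/* The variant proposed in the quoted text: a target uid of 0 is exempt. */
static int denied_proposed(const char *shells, const char *pw_shell,
                           unsigned int ruid, unsigned int target_uid)
{
    return target_uid == 0 ? 0 : denied_current(shells, pw_shell, ruid);
}

int main(void)
{
    const char *sh = "/usr/local/bin/bash"; /* root's changed shell (constructed) */

    printf("current denies:  %d\n", denied_current(SAMPLE_SHELLS, sh, 1001));
    printf("proposed denies: %d\n", denied_proposed(SAMPLE_SHELLS, sh, 1001, 0));
    return 0;
}
```

The two policies differ only when root's shell has been changed to one outside the list and the caller is not already root.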