From owner-freebsd-security@FreeBSD.ORG  Fri Jul  9 21:22:48 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 58AB116A4CE
	for <freebsd-security@freebsd.org>;
	Fri,  9 Jul 2004 21:22:48 +0000 (GMT)
Received: from islet.dsl.unixan.com (islet.dsl.unixan.com [206.124.137.22])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F36F843D31
	for <freebsd-security@freebsd.org>;
	Fri,  9 Jul 2004 21:22:47 +0000 (GMT)	(envelope-from djb@unixan.com)
Received: from mesa.dsl.unixan.com (djb@mesa.dsl.unixan.com [206.124.137.18])
	by islet.dsl.unixan.com (8.12.11/8.12.11) with SMTP id i69LMlSR002984;
	Fri, 9 Jul 2004 14:22:47 -0700 (PDT)
	(envelope-from djb@unixan.com)
Date: Fri, 9 Jul 2004 14:22:46 -0700
From: Daniel Brown <djb@unixan.com>
To: "Dan Langille" <dan@langille.org>
Message-Id: <20040709142246.30a96c9f.djb@unixan.com>
In-Reply-To: <40EECA19.3925.EDD9BBEB@localhost>
References: <40EECA19.3925.EDD9BBEB@localhost>
X-Mailer: Sylpheed version 0.9.10 (GTK+ 1.2.10; i686-pc-linux-gnu)
X-Face: ".E)>Dp:mH<OtVR$Zb)eCw;
	6LEM[iZr4],$RT.#eYE/LB{@vq?x2QV}zd{cIx$]:g!uKx$Nr/mgHeM'CVI?=_m$vhe>JC%;
	_j&|O(iET^Y#v)'R,3Th)?un#2[`x7J&@ClPD0?MlzHBP61gci=t1G!Jf8V9r+nMFv:GX&}5R2YZ@lzKO_S5,^.!^<^OijwA[0*`cfC'.Ft7-qcuK4^-Cu
X-Face-Credit: Saviour Machine; www.saviourmachine.com
X-Frustrated-Since: 999302400
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
cc: freebsd-security@freebsd.org
Subject: Re: bash as a login shell (was Root users shell == no existant
 shell /bin/bash)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jul 2004 21:22:48 -0000

Wrote Dan Langille:

> On 9 Jul 2004 at 13:11, Daniel Brown wrote:
> 
> > On the other hand, I've run across a sysadmin who always enables his
> > toor accounts -- and changes its shell to bash.  As a result, not only
> > is there an alternate root account (good in case 'root' trampled on by
> > accident or purpose), but you can get root bash as a login shell while
> > leaving the real root to its normal shell.
> 
> This make it sound like you find it very bothersome to login and type 
> 'bash' (or whatever), to give yourself the shell you want.  Is that 
> so?

When you prefer to use a shell every single time, then having to type
'bash' is an unnecessary bother every time.  This is more so when you
work in a group of admins -- some people are less tolerant of manually
entering a different shell than others.

To be honest, also, it's not always very obvious which shell you log
into at first.  Just going to the right shell in the first place
removes the confusion.

      -Daniel