Date: Tue, 10 May 2005 01:09:57 -0400 From: Charles Swiger <cswiger@mac.com> To: Michael Nottebrock <lofi@freebsd.org> Cc: freebsd-current@freebsd.org Subject: Re: boot banner project Message-ID: <3c33db4aa0c08292214219f868819726@mac.com> In-Reply-To: <200505080957.19137.lofi@freebsd.org> References: <ff3ef3b2621f16316effcf296f044d93@mac.com> <200505080425.24495.lofi@freebsd.org> <20050508073446.GA21550@freebie.xs4all.nl> <200505080957.19137.lofi@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[ Sorry for the delay in responding, I decided to take the weekend off from email. 600 FreeBSD messages await me, no doubt filled with a mixture of useful tech stuff and the copyright-thread-that-won't-die. ] On May 8, 2005, at 3:57 AM, Michael Nottebrock wrote: >>> You got lucky then, because there's some actual footshooting >>> potential in >>> doing that. Use toor. >> >> Interesting, I have been running /bin/sh since 1.0R (yes..) for root >> and it never bit me. Where is that footshooting potential? > > Sorry, I just scanned the thread before replying - there's probably no > footshooting potential in using /bin/sh for root. > > I was thinking about using (/usr/local/bin/)bash for root, something a > lot of > people try to do (until they notice a toe missing :). I've managed to plunk a round or two into my own foot, using a shell located in /usr/local, rather than staticly linked and present on /. :-) It's no fun to boot off a CD because the system can't automaticly fsck the filesystem that root's shell wants to use, and wants manual help... However, the toor account is a fine idea: every system I've got-- whether running FreeBSD or not-- uses /bin/sh for root's shell. However, I've also created toor accounts using my preferred shell [1] as a backup. If FreeBSD were to ship with tcsh as toor's shell, and /bin/sh as root's shell, that would still provide a super-user login with tcsh for those who want such a thing. However, logging in as a normal user and gaining privileges via sudo seems to work just as well, and avoids the need to login directly as a UID==0 account. -- -Chuck [1]: ZSH.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3c33db4aa0c08292214219f868819726>