Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!lll-crg!mordor!sri-spam!sri-unix!hplabs!hpcea!hpfcdc!rml
From: rml@hpfcdc.HP.COM (Bob Lenk)
Newsgroups: comp.bugs.4bsd
Subject: Re: 4.3 /etc/shells
Message-ID: <4910001@hpfcdc.HP.COM>
Date: Thu, 13-Nov-86 14:47:14 EST
Article-I.D.: hpfcdc.4910001
Posted: Thu Nov 13 14:47:14 1986
Date-Received: Sat, 15-Nov-86 23:56:43 EST
References: <550@mcgill-vision.UUCP>
Organization: HP Ft. Collins, Co.
Lines: 25

> Could someone explain what this /etc/shells silliness is all about?
> Why joe user can't change his shell to whatever he pleases??  I see no
> reason to restrict users in their choice of shells

I won't claim to explain what it's all about.  One reason that a
system administrator might want to restrict the login shells available
is to insure that every user who logs on executes some specific code
(in /etc/profile or analogous file for other permitted login shells).
In that case a one-line .profile which exec's another shell is a
good solution for everyone involved.

Another reason that some checking must be done is so a user can't
install a shell like "/bin/sh\nbreakin::0:1::/:/bin/sh" (that doesn't
require /etc/shells, but requires some check).

>                                                      in fact, this is
> one of the things usually quoted as a great strength of UNIX.

That strength still exists, but the system administrator is permitted to
limit the freedom.  Perhaps some systax in /etc/shells (like an entry of
* ) which permits any shell to be installed (subject to security checks)
would be nicer.

			Bob Lenk
			{hplabs, ihnp4}!hpfcla!rml