Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!rutgers!nysernic!itsgw!leah!uwmcsd1!uwmacc!hobbes!root From: root@hobbes.UUCP (John Plocher) Newsgroups: comp.unix.questions Subject: Re: login shell == ../vi Message-ID: <139@hobbes.UUCP> Date: Tue, 30-Jun-87 13:18:55 EDT Article-I.D.: hobbes.139 Posted: Tue Jun 30 13:18:55 1987 Date-Received: Wed, 1-Jul-87 05:39:59 EDT References: <10249@cgl.ucsf.EDU> <196@picuxa.UUCP> <629@uhccux.UUCP> <1452@ulowell.cs.ulowell.edu> Reply-To: root@hobbes.UUCP (John Plocher) Followup-To: comp.unix.questions Organization: U of Wisconsin - Madison Spanish Department Lines: 32 +---- Andy Rosen writes the following in <1452@ulowell.cs.ulowell.edu> ---- | chsh exists only in BSD versions. SysV does not have chsh so you need | super-user access to change someones shell. | | >However, some system | >administrators deny access to chsh to prevent users from accidentally | >changing their login shell | | The file /etc/shells contains a newline seperated list of permissible | shells for chsh. If anyone could make their shell whatever they like... +----- Am I missing something? Why shouldn't a user be allowed to change her shell to be anything she wants? What is the difference between her running a program from a shell (% /usr/local/emacs foobar) or having the program as her shell (me::1000:1000:I said ME:/usr/guest:/usr/local/emacs)? If I as a user change my shell to /bin/echo I will then have to beg root to change it back to something useful, same as if I changed it it /bin/true or /usr/ucb/yes. More work for root, but in the given case (shell == ../vi) the public domain chsh from mod.sources archives tests to see that the new shell has an absolute path starting from / and has execute permissions. If I can't execute a program from a shell because of access restrictions (ie /usr/adm/accton) then I wouldn't be able to execute it as a login shell, right? John Plocher -- John Plocher UUCP: !uwvax!uwmacc!hobbes!plocher ============== Internet: plocher%hobbes.UUCP@uwvax.cs.Wisc.EDU FidoNet: 121/0 BITNET: uwvax!uwmacc!hobbes!plocher@psuvax1