Johan Danielsson writes:

> You can always run /bin/sh (or /rescue/bin/sh, whatever). In practice
> there are no problems with using strange or dynamically liked shells
> for root.

Believe me, in practice there _are_ problems with dynamically linked
shells for root, if no other root account with a different shell is
available.  In my remembrance is an incident on a Gnu/Linux system,
where all such binaries are dynamically linked, and some bloke (not
me, for a change), decided to upgrade the ncurses library, which was
used by /bin/sh (ie. bash on Linux), causing all running aswell as
newly started shells to segfault immediately.  We fixed the problem
through another root account, which had tcsh configured, which is also
dynamically linked but gladly didn't depend on the ncurses lib.  Would
that one not have been around, we would've had to reboot the system
and what's worse, would've had to drive to the machine, getting access
to the console.

I always give the "toor" account a password on *bsd (actually the same
as root, you just have to remember to also change it if you change
root's password), and I never change toor's default /bin/sh.

-- 
Matthias Buelow, mkb#at#informatik.uni-wuerzburg.de