tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: "valid shell"s

On Thu, Feb 07, 2008 at 03:49:13PM -0500, der Mouse wrote:
 > > That's the entire premise behind checking the shell, as opposed to,
 > > say, /etc/ftpusers or other more verbose configuration files that do
 > > or could exist.
 > Equating those two is the premise behind abusing getusershell() to
 > check for things like "may use server-side FTP", yes.  But that
 > equation is invalid.

Yes, that was at least part of the point. I think we're now arguing
about whether we're agreeing.

The rest of the point I was trying to make is that whether or not that
equivalence is a mistake, one can't abolish it without providing some
alternative way to arrive at a similar conclusion.

 > > you can't remove the concept of a valid shell without providing a
 > > suitable alternate check for these cases.
 > Actually, from a dogmatic point of view, the correct thing to do is to
 > wall them off from the "valid shell" concept, to make them stop abusing
 > it by equating it with other things.

Yes, but if you don't provide an alternative, and for that matter also
a cogent explanation of why the alternative is more correct, they'll
just hack around your restriction. You will find lame programs coming
with a config test for getusershell() or whatever and providing an
alternative method that checks only if the user's shell is

Dogmatism isn't good for system design.

Furthermore, fixing a problem properly requires considering the entire
framework of the problem, including the administrative and social
contexts and the costs of deploying solutions.

 > As a matter of pragmatics, it makes it, among other things, impossible
 > to configure a box such that users in general have control over their
 > own shells; setting such a system up demands some coding in that case -
 > either writing the wrapper or removing the getusershell() stupidity
 > from (at least) chsh.

Pragmatically, a lot of things are wrong and the more serious problems
should be tackled first. I'm just really not convinced /etc/shells is
very high on that list.

David A. Holland

Home | Main Index | Thread Index | Old Index