Subject: Re: toor
To: Steven M. Bellovin <smb@research.att.com>
From: Michael Kukat <michael@bsdfans.org>
List: netbsd-users
Date: 07/23/2002 19:20:07
Hello,

On Tue, 23 Jul 2002, Steven M. Bellovin wrote:
> >> It lets you log in -- assuming you've set a password -- if csh is
> >> damaged or deleted.
> >
> >right, but in that case shouldn't sysinst ask to set a password for
> >toor, or at least mention it during installation?
> >
> Yup.

I would say, there could be a hint in the documentation about toor, but in
default configuration, it should just be disabled _completely_, meaning an
invalid shell being installed. The administrator has to set a password, so
he can also set a shell.

On the other hand... why don't we kick toor out completely? If the
administrator thinks he needs one, he can create such an account. In other
environments, we usually call this account "admin". Maybe a hint in the
documentation.

And a very different point: Who really changes root's shell? Is there anyone
out there doing so? Did you ever use /bin/ksh as root's shell in Solaris?
Okay, every shell in /bin in NetBSD is statically linked, so it doesn't matter
(besides the fact that I hate csh :), but I personally hate changing root's
shell. Maybe scripts depend on it, and maybe you get problems in different
places.

I usually kick out toor, because I feel more comfortable with this.

Just my 0.02 EUR.

...Michael

-- 
http://www.bsdfans.org/     Home Powered by: (Net|Open|Free)BSD IRIX NonStop-UX
Solaris AIX HP-UX Tru64 MUNIX Ultrix VMS SINIX Dolphin_Unix OpenStep MacOS A/UX
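
An added example, not part of the original message or of NetBSD: a Python audit that lists UID 0 accounts other than root in master.passwd-format text and reports whether each has a locked password and a valid shell, the two settings discussed above. The sample entries, the shell list and all function names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample, BSD master.passwd layout (10 colon-separated fields):
# name:password:uid:gid:class:change:expire:gecos:home:shell
SAMPLE_MASTER_PASSWD = """\
root:$2a$04$CONSTRUCTED.HASH:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:/bin/sh
admin:$2a$04$CONSTRUCTED.HASH:0:0::0:0:Local admin:/root:/bin/ksh
daemon:*:1:1::0:0:The devil himself:/:/sbin/nologin
"""
SAMPLE_SHELLS = {"/bin/sh", "/bin/csh", "/bin/ksh"}  # constructed /etc/shells

@dataclass
class Uid0Account:
    name: str
    password: str      # "empty", "locked" or "set"
    shell: str
    shell_valid: bool  # shell is one of the listed login shells

    @property
    def password_login(self) -> bool:
        # A password login needs a usable password field and a valid shell.
        return self.shell_valid and self.password != "locked"

def password_state(field: str) -> str:
    if field == "":
        return "empty"   # no password required
    # Assumption: a field starting with "*" matches no password hash.
    return "locked" if field.startswith("*") else "set"

def audit_uid0(master_passwd: str, shells: set) -> list:
    """Return every UID 0 account other than root, with its login state."""
    found = []
    for lineno, line in enumerate(master_passwd.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 10:
            raise ValueError(f"line {lineno}: expected 10 fields, got {len(fields)}")
        name, pw, uid, shell = fields[0], fields[1], fields[2], fields[9]
        if int(uid) != 0 or name == "root":
            continue
        shell = shell or "/bin/sh"  # empty shell field defaults to /bin/sh
        found.append(Uid0Account(name, password_state(pw), shell, shell in shells))
    return found

if __name__ == "__main__":
    for acct in audit_uid0(SAMPLE_MASTER_PASSWD, SAMPLE_SHELLS):
        print(acct, "password_login =", acct.password_login)
```

In the constructed sample, toor has a locked password but still a valid shell, while admin is a second UID 0 account with a working password login.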