Subject: Re: bin/2905: setting environment vars from login
To: Curt Sampson <cjs@portal.ca>
From: Greg A. Woods <woods@kuma.web.net>
List: current-users
Date: 11/12/1996 23:30:46
[ On Thu, November 7, 1996 at 07:38:43 (-0800), Curt Sampson wrote: ]
> Subject: Re: bin/2905: setting environment vars from login
>
> > ...however I think the easiest way to do that would be to allow
> > shell arguments in the password file. That way, instead
> > of making the shell "/foo/bar/risky", you could make it
> > "/usr/bin/env - /foo/bar/risky".
> 
> Think of the implications this has for chsh and /etc/shells.

Hmm...  But remember /etc/shells isn't a list of allowable shells, but
rather a list of generic shells that users are free to choose from.
There's a subtle but *very* important difference.  If anything related
to security needs tweaking and clarification in *BSD, the meaning of
/etc/shells should certainly be near the top of the list.

In theory chsh shouldn't allow user-selectable shells to be given
arguments, and in theory it already prevents a user whose shell is not
listed in /etc/shells from changing their shell in the first place.

-- 
							Greg A. Woods

+1 416 443-1734			VE3TCP			robohack!woods
Planix, Inc. <woods@planix.com>; Secrets Of The Weird <woods@weird.com>
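
Added example, not part of the original message and not NetBSD's chsh source: a small C model of the policy described above, in which /etc/shells is the menu of shells users may pick for themselves, so a user whose current shell is unlisted cannot change it and a requested shell carrying arguments is refused. The shells content, the `shell_listed` and `chsh_check` names and the verdict values are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed /etc/shells content for the example (not from the message). */
static const char SHELLS[] =
    "# shells users may choose from\n"
    "/bin/sh\n"
    "  /bin/csh   # trailing comment\n"
    "\n"
    "/bin/ksh\n";

enum verdict { ALLOW, DENY_CURRENT_UNLISTED, DENY_ARGUMENTS, DENY_NEW_UNLISTED };

/* Return 1 if `shell` is an exact entry in the shells-file text `list`. */
int shell_listed(const char *list, const char *shell)
{
    size_t want = strlen(shell);
    while (*list) {
        size_t line = strcspn(list, "\n");   /* length of this line */
        size_t body = strcspn(list, "#\n");  /* part before any comment */
        const char *s = list;
        while (body && isspace((unsigned char)*s)) { s++; body--; }
        while (body && isspace((unsigned char)s[body - 1])) body--;
        if (want && body == want && memcmp(s, shell, want) == 0)
            return 1;
        list += line;
        if (*list == '\n') list++;
    }
    return 0;
}

/* Hypothetical policy model: may a user with shell `cur` switch to `want`? */
enum verdict chsh_check(const char *list, const char *cur, const char *want)
{
    if (*cur == '\0') cur = "/bin/sh";       /* empty passwd field means /bin/sh */
    if (!shell_listed(list, cur)) return DENY_CURRENT_UNLISTED;
    if (want[strcspn(want, " \t")] != '\0') return DENY_ARGUMENTS;
    if (!shell_listed(list, want)) return DENY_NEW_UNLISTED;
    return ALLOW;
}

int main(void)
{
    /* Constructed cases; the env wrapper is the one quoted in the thread. */
    printf("%d\n", chsh_check(SHELLS, "/bin/sh", "/bin/ksh"));
    printf("%d\n", chsh_check(SHELLS, "/usr/bin/env - /foo/bar/risky", "/bin/sh"));
    printf("%d\n", chsh_check(SHELLS, "/bin/csh", "/usr/bin/env - /bin/sh"));
    return 0;
}
```

An account given the wrapped shell by the administrator is locked out of chsh by the first check, which is the "not a list of allowable shells" distinction the message draws.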