From owner-freebsd-questions Tue Dec 12 9:22:18 2000 From owner-freebsd-questions@FreeBSD.ORG Tue Dec 12 09:22:16 2000 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from cae88-102-101.sc.rr.com (cae88-102-101.sc.rr.com [24.88.102.101]) by hub.freebsd.org (Postfix) with ESMTP id CA99637B400; Tue, 12 Dec 2000 09:22:15 -0800 (PST) Received: (from dmaddox@localhost) by cae88-102-101.sc.rr.com (8.11.1/8.11.1) id eBCHMG325128; Tue, 12 Dec 2000 12:22:16 -0500 (EST) (envelope-from dmaddox) Date: Tue, 12 Dec 2000 12:22:16 -0500 From: "Donald J . Maddox" To: Doug Barton Cc: Daniel Bye , "'Cliff Sarginson'" , questions@FreeBSD.ORG Subject: Re: Root and the C Shell Message-ID: <20001212122216.A25077@cae88-102-101.sc.rr.com> Reply-To: dmaddox@sc.rr.com Mail-Followup-To: Doug Barton , Daniel Bye , 'Cliff Sarginson' , questions@FreeBSD.ORG References: <886CA0C095C5D411B95400508B6F741286606E@ukcamexch4.cam.uk.internal> <3A365BA7.DD603C89@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3A365BA7.DD603C89@FreeBSD.org>; from DougB@FreeBSD.ORG on Tue, Dec 12, 2000 at 09:08:55AM -0800 Return-Receipt-To: dmaddox@sc.rr.com Sender: dmaddox@cae88-102-101.sc.rr.com Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG While this is obviously a good policy if you are administering many different platforms, it really doesn't matter that much on FreeBSD, does it? On FreeBSD, at entry to single-user mode, you are prompted for the shell path, and it always defaults to /bin/sh, right? Where is the great danger here? On Tue, Dec 12, 2000 at 09:08:55AM -0800, Doug Barton wrote: > > You left out of your list the wisdom and experience of people who have > spent years administering unix machines in a variety of environments and > situations. The fact that you, in your limited experience have never had > any problems waving a loaded gun at your foot doesn't mean that it's > safe to do it. I don't mean to sound like a hardass here, but I'm sick > and tired of this, "_I_ do it, so it MUST be ok." line of (alleged) > reasoning. > > You are free to do whatever you want to do on your boxes, and I'm not > going to argue that point with you. If all you're running is a desktop > workstation that you can reach over and restart at the touch of a > switch, you probably never will run into a problem with a shell for root > on some other partition. However, it's clear that the BEST course of > action that covers more situations more appropriately is to make your > root shell one of the staticly linked shells that is built with the > system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message