Gary Winiger wrote:
>> suid binary in /usr/bin:
>>
>
>
>> - allows users to change their own shell
>> - via RBAC allows users with the solaris.admin.usermgr.write privilege
>> to change anyone's shell
>>
>
> Kind of like chfn and chsh. Which IIRC were just links to passwd.
> Why do we need an authorization to change our own shell?
>
> Gary..
>
you shouldn't need an authorization to change your own shell, that's the
point. the auth idea was such that you can change other peoples' shells
without usermod ( for example tech support people that get a 'change my
shell' ticket, easier than bouncing it back to the user )
