On Mon, Sep 29, 2008 at 4:07 PM, Gary Winiger <gww at eng.sun.com> wrote:
>
>> suid binary in /usr/bin:
>>
>> - allows users to change their own shell
>> - via RBAC allows users with the solaris.admin.usermgr.write privilege
>>   to change anyone's shell
>
> Kind of like chfn and chsh. Which IIRC were just links to passwd.
> Why do we need an authorization to change our own shell?

Because...

- Those with restricted shells should not be able to change their own
  shells.
- Administrators should be able to deny this ability because of local
  policy (e.g. the admin maintains Bourne shell compatible environment
  files but doesn't and won't do the same for csh compatible shells).

As for chfn(1), I've worked in multiple places where the gecos field
is used to store the full name and a special key (e.g. employee badge
number) that is assumed to be reliable data to other systems. It can
be critical that this does not become user modifiable to maintain
integrity of some identity management schemes.

--
Mike Gerdts
http://mgerdts.blogspot.com/