Mike Gerdts wrote:
> On Mon, Sep 29, 2008 at 4:07 PM, Gary Winiger <gww at eng.sun.com> wrote:
>
>>> suid binary in /usr/bin:
>>>
>>> - allows users to change their own shell
>>> - via RBAC allows users with the solaris.admin.usermgr.write privilege
>>> to change anyone's shell
>>>
>> Kind of like chfn and chsh. Which IIRC were just links to passwd.
>> Why do we need an authorization to change our own shell?
>>
>
> Because...
>
> - Those with restricted shells should not be able to change their own shells.
>
Understood. Is there a way to check for this easily? (or failing that have it denied for rXsh users?)

> - Administrators should be able to deny this ability because of local
> policy (e.g. the admin maintains Bourne shell compatible environment
> files but doesn't and won't do the same for csh compatible shells).
>
putting it in a separate package sufficient, or would an /etc/chsh.deny file be the preferred method?

> As for chfn(1), I've worked in multiple places where the gecos field
> is used to store the full name and a special key (e.g. employee badge
> number) that is assumed to be reliable data to other systems. It can
> be critical that this does not become user modifiable to maintain
> integrity of some identity management schemes.
>
I agree, not a fan of chfn
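The policy the thread is circling (restricted-shell users may not change their own shell, an administrator can deny the ability per user, and only a holder of the usermgr.write authorization may override) can be written as a small decision routine. The following C is an added illustration, not code from this thread or from the Solaris chsh/passwd implementation. The restricted-shell paths, the permitted-shell list (standing in for /etc/shells), the deny-file name /etc/chsh.deny and its format, and the deny-file contents are all assumptions chosen for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Shells whose presence in the passwd entry marks a restricted account.
 * Assumed Solaris paths for the restricted Bourne and Korn shells. */
static const char *const restricted_shells[] = {
    "/usr/lib/rsh", "/usr/bin/rsh", "/usr/bin/rksh", NULL
};

/* Shells an unprivileged user may switch to (stands in for /etc/shells). */
static const char *const permitted_shells[] = {
    "/bin/sh", "/bin/ksh", "/bin/bash", "/bin/csh", NULL
};

/* Constructed contents of a hypothetical /etc/chsh.deny: one login name per
 * line; '#' comment lines and blank lines are ignored. */
static const char deny_file_contents[] =
    "# logins whose shell must stay as the administrator set it\n"
    "\n"
    "svc-backup\n"
    "contractor1   \n";

enum chsh_verdict {
    CHSH_ALLOW,
    CHSH_DENY_RESTRICTED,   /* caller's current shell is a restricted shell */
    CHSH_DENY_LISTED,       /* caller is named in the deny file */
    CHSH_DENY_BAD_TARGET    /* requested shell is not a permitted login shell */
};

static bool in_list(const char *const *list, const char *item)
{
    for (; *list != NULL; list++)
        if (strcmp(*list, item) == 0)
            return true;
    return false;
}

/* True if `user` appears as a whole line of `contents` (deny-file format).
 * Trailing whitespace is trimmed so "contractor1   " still matches. */
bool deny_file_contains(const char *contents, const char *user)
{
    const char *line = contents;
    while (*line != '\0') {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        while (len > 0 && (line[len - 1] == ' ' || line[len - 1] == '\t' ||
                           line[len - 1] == '\r'))
            len--;
        if (len > 0 && line[0] != '#' &&
            len == strlen(user) && strncmp(line, user, len) == 0)
            return true;
        if (nl == NULL)
            break;
        line = nl + 1;
    }
    return false;
}

/* Decide whether `user`, currently running `current_shell`, may change the
 * shell to `requested_shell`. `caller_is_admin` models holding the
 * solaris.admin.usermgr.write authorization via RBAC. */
enum chsh_verdict chsh_check(const char *user, const char *current_shell,
                             const char *requested_shell, bool caller_is_admin)
{
    if (caller_is_admin) {
        /* An administrator may assign any known shell, restricted ones
         * included, but still not an arbitrary path. */
        if (in_list(permitted_shells, requested_shell) ||
            in_list(restricted_shells, requested_shell))
            return CHSH_ALLOW;
        return CHSH_DENY_BAD_TARGET;
    }
    if (in_list(restricted_shells, current_shell))
        return CHSH_DENY_RESTRICTED;
    if (deny_file_contains(deny_file_contents, user))
        return CHSH_DENY_LISTED;
    if (!in_list(permitted_shells, requested_shell))
        return CHSH_DENY_BAD_TARGET;
    return CHSH_ALLOW;
}

int main(void)
{
    static const char *const names[] = {
        "allow", "deny: restricted shell", "deny: listed in deny file",
        "deny: not a permitted shell"
    };
    printf("alice -> ksh:        %s\n", names[chsh_check("alice", "/bin/sh", "/bin/ksh", false)]);
    printf("bob (rsh) -> sh:     %s\n", names[chsh_check("bob", "/usr/lib/rsh", "/bin/sh", false)]);
    printf("contractor1 -> bash: %s\n", names[chsh_check("contractor1", "/bin/sh", "/bin/bash", false)]);
    printf("admin sets bob rksh: %s\n", names[chsh_check("bob", "/usr/lib/rsh", "/usr/bin/rksh", true)]);
    return 0;
}
```

The ordering matters: the restricted-shell and deny-file checks run before the target is validated, so a restricted user learns nothing about which shells are permitted, and the admin path is the only one that can assign a restricted shell. In a real setuid chsh the deny file would be read from disk with the caller's privileges dropped first; here its contents are embedded so the routine runs offline.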