[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] how many shells do I need in /etc/shells?

Subject: Re: [cobalt-security] how many shells do I need in /etc/shells?
From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
Date: Thu, 16 Aug 2001 11:32:31 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

From: "Ted Behling" <TBehling@xxxxxxxxxxxxx>
> My RaQ 3 has the following shells configured:
>
> /bin/bash
> /bin/sh
> /bin/tcsh
> /bin/csh
> /bin/badsh
>
> bash and badsh are critical to your system.  bash, of course, is the
> default and primary shell.  badsh is a pseudoshell that displays the
> "Sorry, your account doesn't have shell access" message for non-shell
> users.  There's no reason to remove any of the other shells I've listed
above.

Maybe this is too obvious, but /bin/sh is a primary shell for many of the
shell scripts on the system, and should absolutely not be removed.

You're really not going to gain much by removing unnecessary shells. Any
hacker is probably going to use /bin/sh anyway, because they know how
necessary it is to your system. What you should try to do is remove
unnecessary shell accounts.

Kevin

Follow-Ups:
- Re: [cobalt-security] how many shells do I need in /etc/shells?
  - From: Ted Behling

References:
- Re: [cobalt-security] how many shells do I need in /etc/shells?
  - From: Ted Behling

Prev by Date: Re: [cobalt-security] how many shells do I need in /etc/shells?
Next by Date: Re: [cobalt-security] how many shells do I need in /etc/shells?
Previous by thread: Re: [cobalt-security] how many shells do I need in /etc/shells?
Next by thread: Re: [cobalt-security] how many shells do I need in /etc/shells?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index