On Tue, 2011-04-05 at 01:49 +0200, Guillem Jover wrote: [...] > Well, we can always fix login to behave more robustly, no? :) > > > If login worked consistently in the face of the configured shell going > > missing (automatically falling back to /bin/sh for root), then I think it > > would be worthwhile to do the work necessary to remove bash from the > > essential set. But until then, the primary purpose of Essential, to me, is > > the "minimal set guaranteed to be usable" aspect, not the "you don't have to > > depend on it" aspect. > > That's more or less what the attached patch does. It could certainly be > improved, as the knowledge of when to fallback is spread all over the > place, but that's an existing problem in the code anyway. [...] This appears to open up any accounts that have been deliberately disabled by setting their shell to a nonexistent path. I know that's a dumb way to disable an account, but that doesn't make this any less of a security hole. How about checking for the configured shell in /etc/shells before enabling the fallback? Ben. -- Ben Hutchings Once a job is fouled up, anything done to improve it makes it worse.
Description: This is a digitally signed message part