
Bug#1794: /bin/sh is shell when none specified in /etc/passwd



Package: ?

I recently created a special-purpose entry in /etc/passwd, with an
empty shell field.  I was surprised to see that `finger' reported the
shell as `/bin/sh', and tried using `su' from a root shell to su to
the account.  Sure enough, I got a shell.

This seems wrong to me, particularly in the light of the many `system'
entries in /etc/passwd that have no shell in their shell field.  It's
not clear that there is a real vulnerability here, but I would feel
happier if things in general didn't treat an absent shell field as
/bin/sh.

In the meantime I've changed the shells for `mail', &c, to
`/bin/false'.

Ian.
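
A defensive check for the behaviour reported above, as an added example that is not part of the original message: it lists passwd entries whose shell field is empty, which passwd(5) documents as defaulting to /bin/sh. The function names, output format and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: report passwd(5) entries with an empty shell field.

# Constructed sample data, not taken from any real system.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
mail:x:8:8:mail:/var/mail:/bin/false
news:x:9:9:news:/var/spool/news:
# local additions
special:x:105:105:special purpose:/nonexistent:
broken:x:106:106:line cut short
alice:x:1000:1000:Alice:/home/alice:/bin/sh
EOF
}

# audit_empty_shells FILE   (FILE defaults to /etc/passwd; "-" reads stdin)
# Prints "name uid effective-shell reason" per finding.
# Returns 1 if anything was reported, 0 if the file is clean.
audit_empty_shells() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                 # comments and blank lines
        NF < 7 {                                # shell field missing entirely
            printf "%s %s ? short-line\n", $1, ($3 == "" ? "?" : $3)
            found = 1; next
        }
        $7 == "" {                              # present but empty: /bin/sh
            printf "%s %s /bin/sh empty-shell-field\n", $1, $3
            found = 1
        }
        END { exit (found ? 1 : 0) }
    ' "${1:-/etc/passwd}"
}

# Demonstration on the constructed sample.
sample_passwd | audit_empty_shells - || echo "entries above need an explicit shell"
```

Accounts it reports can be given an explicit non-login shell such as `/bin/false`, which is the change the report describes making for `mail`.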

