
Re: how to make Debian less fragile (long and philosophical)



Create a user with a shell that segfaults and try getting sash
by hitting their account. More extreme would be to create a user
with a shell that is a symlink to a non-existent file (the situation
recently under unstable where bash was removed). If the first of
these works I'd probably accept it; though I'd prefer it if the
second worked too since I just saw Debian create that situation 
a week ago.

Michael Stone posted a good reason why ssh relies on your shell 
to execute commands: in case you have assigned a user a restrictive 
shell. So I would tend to view the reliance of sshd on your shell 
as something other than a bug.

Justin


On Fri, Aug 20, 1999 at 08:25:38AM -0400, Steve Willer wrote:
> 
> On Fri, 20 Aug 1999, Marek Habersack wrote:
> 
> > > Nope. ssh invokes the command you request by calling your shell, 
> > > with the '-c' argument, so if your shell is dynamically linked, sh 
> > > will fail to exec it, and your command (sash) won't get run.
> > No, ssh invokes either an interactive shell or the command specified on the
> > command line.
> 
> Actually, this is kinda interesting. I just tried it out, and I couldn't
> execute /bin/sash via ssh on my own account. I got two errors about libc
> missing.
> 
> My root account has the default .profile, I think, and I was able to
> convince it to run sash. I had to use ssh's -t parameter to make it work.
> I got one libc error, but it continued. I can only assume ssh is executing
> your startup files with bash but perhaps not running the command through
> bash?
> 
> The difference between the two users, as far as I can tell, is that my
> user's .bash_profile says:
> 
>    . ~/.bashrc
> 
> I guess this is what locked me out.
> 
> The conclusion, then, is that it is possible to get into a system that has
> sash installed but isn't using sash as root's prompt...if you're very
> careful about your startup script.
> 
> 
> 
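
A defender-side check for the failure mode discussed in this thread, as an added example that is not part of the original messages: since sshd runs a requested command through the account's shell, it reads a passwd-format file and reports accounts whose login shell is a dangling symlink, missing, not executable, or linked against a library that is gone. The function names, the output format and the optional use of `ldd` are assumptions of this example.

```shell
#!/bin/sh
# Added example: report accounts whose login shell cannot be exec'd.
# Usage: audit_login_shells [passwd-file]   (default: /etc/passwd)
# Output: one "user:shell:reason" line per broken account.

shell_problem() {
    # Print a reason if "$1" cannot serve as a login shell; print nothing if it can.
    s=$1
    if [ -L "$s" ] && [ ! -e "$s" ]; then
        echo dangling-symlink      # symlink whose target was removed
    elif [ ! -e "$s" ]; then
        echo missing
    elif [ ! -f "$s" ] || [ ! -x "$s" ]; then
        echo not-executable
    elif command -v ldd >/dev/null 2>&1 &&
         ldd "$s" 2>/dev/null | grep -q 'not found'; then
        echo missing-library       # dynamically linked, a library is gone
    fi
}

audit_login_shells() {
    passwd=${1:-/etc/passwd}
    # passwd format: name:password:uid:gid:gecos:home:shell
    while IFS=: read -r user _ _ _ _ _ shell; do
        case $user in ''|'#'*) continue ;; esac   # skip blank and comment lines
        [ -n "$shell" ] || shell=/bin/sh          # empty field means /bin/sh
        reason=$(shell_problem "$shell")
        [ -z "$reason" ] || echo "$user:$shell:$reason"
    done < "$passwd"
}
```

A shell that exists and links cleanly but crashes at startup is not caught by these static checks.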

