Re: Login shell (was: Small Bug)
On Thu, 16 Mar 2000, Norbert Nemec wrote:
> On Thu, Mar 16, 2000 at 01:01:19AM +0100, Marcus Brinkmann wrote:
> > (BTW, it is possible to turn the login shell into a login prompt. Then all
> > this does not apply of course).
>
> Great, that's the piece of information I was waiting for! Actually I do not
> know any reason, why the login-shell was introduced at all! Why would you
> allow any non-logged in user to execute any command but "login"? Any user
> who has an account can simply log in and do whatever he wants to do
> afterwards, and people who do not have accounts should not be allowed to do
> anything! In case you really need anonymous access, you can simply introduce
> a "guest" account on your machine, just as it is done on many Linux machines
> already.
>
> Also: having a real shell running makes playing around with the machine much
> more interesting! If you are sitting on a machine with just a login prompt,
> it get very boring to just try one username/password pair after the other.
> On a prompt, you get at least the impression that there might be some other
> intelligent way to crack the system.
>
> For that reason, my suggestion would be, to drop the whole idea about the
> login shell, and by that drop all the effort about the fourth permission set!
> (Just think how long it will take, until all the tools are modified to
> support that feature!)
I kind of like the idea of a login shell the more I follow this
discussion. It's revolutionary. If the machine can be made secure with
it, why not? It makes for a more versatile system.
Reply to: