[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
If rbash is worthless, why not remove it and decrease bloat?
|
From: |
Linda Walsh |
|
Subject: |
If rbash is worthless, why not remove it and decrease bloat? |
|
Date: |
Fri, 15 Mar 2013 13:01:30 -0700 |
|
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.24) Gecko/20100228 Lightning/0.9 Thunderbird/2.0.0.24 Mnenhy/0.7.6.666 |
Greg Wooledge wrote:
> Honestly, a "restricted shell" is usually a pitiful thing that would be
> a joke, except it's not even funny.
>
> I have no idea what the POSIX standard has to do with your question,
> though.
-----
Chet answered this in context:
Chet Ramey wrote:
> On 3/14/13 2:52 AM, Linda Walsh wrote:
>> Is 'rbash' not part of POSIX?
> Posix has chosen not to standardize the restricted shell, either `rsh' or
> `set -r'.
----
I had the erroneous belief that 'rbash' was something useful to some
people or was part of the POSIX standard.
As it is neither and provides little or no increased security over
chrooting a process as Chris mentioned:
Chris Down wrote:
> For the record running rbash without a chroot does not make any sense
> in reality, it's usually easy to break out of.
Perhaps it would be doing a favor to users and allow some minor code
cleanup to simply get rid of the 'rbash'/restricted functionality.
It sounds like the idea isn't worth the increased bloat.
If it cannot be removed, then some people are using it with the false
expectation that it provides some increased security. Better to get
rid of that than have someone think it is worth the extra bytes it takes
to implement.
- ignoring current shell and always running posix shell? Re: Should this be this way?, Linda Walsh, 2013/03/11
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Pierre Gaston, 2013/03/11
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Linda Walsh, 2013/03/11
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Pierre Gaston, 2013/03/12
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Chet Ramey, 2013/03/12
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Linda Walsh, 2013/03/14
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Chris Down, 2013/03/14
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Greg Wooledge, 2013/03/14
- If rbash is worthless, why not remove it and decrease bloat?,
Linda Walsh <=
- Re: If rbash is worthless, why not remove it and decrease bloat?, Bob Proulx, 2013/03/15
- Re: If rbash is worthless, why not remove it and decrease bloat?, Chet Ramey, 2013/03/16
- Re: If rbash is worthless, why not remove it and decrease bloat?, Chris Down, 2013/03/16
- Re: If rbash is worthless, why not remove it and decrease bloat?, Pierre Gaston, 2013/03/16
- Re: If rbash is worthless, why not remove it and decrease bloat?, Chris Down, 2013/03/16
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Chet Ramey, 2013/03/14