Bill Campbell wrote:
On Sun, May 31, 2009, Matt Harrington wrote:
Should unprivileged users be able to change their shell with lchsh on 5.3 and, if it matters, CentOS Directory Server? lchsh seems to require more open permissions than those which come with a default installation:
Personally I would not permit uses to change their shells, but require appropriate admin privileges. I have seen systems hacks made via webmin or usermin where the user's shell was changed from /bin/false to /bin/bash, then the account used to install user-level bots that definately should not have been there.
Any tool that changes the shell should have a whitelist of shells the user account must currently be set to or it exits, and probably should validate the new shell is in that white list as well before it changes it.