[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: If rbash is worthless, why not remove it and decrease bloat?
|
From: |
Pierre Gaston |
|
Subject: |
Re: If rbash is worthless, why not remove it and decrease bloat? |
|
Date: |
Sat, 16 Mar 2013 23:06:26 +0200 |
On Sat, Mar 16, 2013 at 6:28 PM, Chris Down <address@hidden> wrote:
> On 2013-03-16 12:13, Chet Ramey wrote:
>> > If it cannot be removed, then some people are using it with the false
>> > expectation that it provides some increased security. Better to get
>> > rid of that than have someone think it is worth the extra bytes it takes
>> > to implement.
>>
>> Folks cling tightly to their ideas about what should and should not be in
>> bash and how it should behave. I'm comfortable with leaving the restricted
>> shell feature in the current state and allowing users or distributions to
>> disable it at their option. The `bloat' is not significant enough to be a
>> factor.
>
> I agree in general, however, I would be in favour of at least adding something
> to the man page that indicates rbash should not be considered secure except in
> very specific implementations. I've dealt with too many people that falsely
> think it increases security (although, whether these are the sort of people to
> read man pages over ill-informed garbage on some guy's "Linux blog", I don't
> know).
>
> Chris
I don't think the manual gives this impression as it is.
It doesn't say "secure" but "more controlled" and I think the way it
is described really force the possible user to think about what rbash
really provides.
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, (continued)
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Linda Walsh, 2013/03/11
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Pierre Gaston, 2013/03/12
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Chet Ramey, 2013/03/12
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Linda Walsh, 2013/03/14
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Chris Down, 2013/03/14
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Greg Wooledge, 2013/03/14
- If rbash is worthless, why not remove it and decrease bloat?, Linda Walsh, 2013/03/15
- Re: If rbash is worthless, why not remove it and decrease bloat?, Bob Proulx, 2013/03/15
- Re: If rbash is worthless, why not remove it and decrease bloat?, Chet Ramey, 2013/03/16
- Re: If rbash is worthless, why not remove it and decrease bloat?, Chris Down, 2013/03/16
- Re: If rbash is worthless, why not remove it and decrease bloat?,
Pierre Gaston <=
- Re: If rbash is worthless, why not remove it and decrease bloat?, Chris Down, 2013/03/16
- Re: ignoring current shell and always running posix shell? Re: Should this be this way?, Chet Ramey, 2013/03/14