On 2021-09-22 12:26, Marek Zarychta wrote:
On 22.09.2021 at 19:46, Warner Losh wrote:
On Wed, Sep 22, 2021 at 9:35 AM John Baldwin <j...@freebsd.org> wrote:

On 9/22/21 1:36 AM, Baptiste Daroussin wrote:
Hello,

TL;DR: this is not a proposal to deorbit csh from base!!!

For years now, csh has been the default root shell for FreeBSD. csh can
be confusing as a default shell for many, as all other Unix-like systems
settled on a Bourne shell compatible interactive shell: zsh, bash, or a
variant of ksh.

Recently our sh(1) has received updates to make it more user-friendly in
interactive mode:
* command completion (thanks pstef@)
* improvement in the emacs mode, to make it behave by default like other
  shells
* improvement in the vi mode (in particular the vi edit to respect
  $EDITOR)
* support for history as described by POSIX.

This makes it a usable shell by default, which is why I would like to
propose to make it the default shell for root starting with FreeBSD
14.0-RELEASE (not MFCed).

If no strong arguments have been raised by October 15th, I will make
this proposal happen.

Again just in case: THIS IS NOT A PROPOSAL TO REMOVE CSH FROM BASE!

I think this is fine.  I would also be fine with either removing 'toor'
from the default password file or just leaving it as-is for POLA. (I
would probably prefer removing it outright.)


I think this is also fine. I also think we should remove toor from the
default password file for one fewer attack surface. I strongly prefer
this. Users that want toor can add it to their system and/or
provisioning scripts.

Warner


I am curious which attacks you are referring to since I have never heard
of attacks on the toor account. I have seen a lot of malware attacking
root, admin, nobody, and other accounts, but never toor.

In the 30-some yrs I've been on UNIX and the like, I've only ever known
~half a dozen administrators that ever chose toor. Those that want to
continue doing so will not be prevented from continuing to do so.

TBH toor might be handy as a backdoor account if you are familiar with
FreeBSD enough to take advantage of it. It can also act as an account of
last resort when someone breaks into your system and changes the root
password, wipes ssh keys etc, so it cuts both ways, not even mentioning
POLA.

TBH this is a non-issue. toor is simply an alias to root.
Anyone that has a root hacked system need only spin up the FreeBSD mini
iso/img, mount their hacked system && hack back into shape. :-)

Props to all the work and proposed changes here. Thanks! :-)

--Chris

P.S. This is NOT a bike shed.

The transition from csh to sh as the default root shell will probably
save some CPU cycles for people using Chef, Ansible, etc., thus pushing
FreeBSD toward green computing. Sysadmins bound to csh will be fine
as long as it remains in the base system and chsh works.

I probably shouldn't post here since I am only a voice from the userbase,
but I can't help doing so.

Kind regards,
