In article <200802041901.OAA07698%Sparkle.Rodents.Montreal.QC.CA@localhost>,
der Mouse <mouse%Rodents.Montreal.QC.CA@localhost> wrote:
>How can I configure my system so that any path is considered acceptable
>by, eg, chsh?
>
>That's actually a rhetorical question. I know the answer: I can't,
>except by hacking on everything that does such tests. I ask it to
>point up that, while it's good for an OS to support that kind of
>lockdown, and perhaps even reasonable to default to it, it's
>unreasonable to support nothing else.
>
>The real problem, of course, is that the interface - getusershell -
>used for the purpose is badly designed; it exposes too much of the
>implementation, imposing too much policy. Instead, it should be
>something like usershellisvalid(), taking the proposed shell path; then
>its backend(s) could support things like "anything is valid" or
>"anything in /usr/local/shells/ is valid" or "anything in a directory
>that's root-owned and non-world-writable all the way from / is valid"
>as well as "these specific paths are valid". I'm not entirely alone in
>seeing this as a problem; witness /SENDMAIL/ANY/SHELL/.
>
>If I were to design and implement something usershellisvalid()ish
>(probably with a compatability getusershell() interface), would there
>be any interest in seeing it in the tree?
Can't you just add globbing to the existing interface, like:
/usr/local/shells/*
christos