From nobody Wed Sep 22 19:26:41 2021 X-Original-To: current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 059EB17C06AA for ; Wed, 22 Sep 2021 19:26:48 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "plan-b.pwste.edu.pl", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HF7Zv5VYxz4v6W; Wed, 22 Sep 2021 19:26:47 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from fomalhaut.potoki.eu (dom.potoki.eu [62.133.140.50]) (authenticated bits=0) by plan-b.pwste.edu.pl (8.16.1/8.16.1) with ESMTPSA id 18MJQfth066455 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 22 Sep 2021 21:26:41 +0200 (CEST) (envelope-from zarychtam@plan-b.pwste.edu.pl) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl; s=plan-b-mailer; t=1632338802; bh=REUW2M33B6NQkfiqF/cVL2jsaASA6srG44byHZANvAM=; h=To:Cc:References:From:Subject:Date:In-Reply-To; b=ACq2t16FlZubFc6hNaIildVT3UwkDUgL5KE+0Qv5IRYRDfypiEs6cY0056GpyCll1 09EprqiVDtacV3RQZasaGN1/dZ9TgmsKZ0tINMkImcp8riGChMwldscLZLbPXDh2gA MIkMIUV2cwADFGbTmPzGU4A0LqBxlzEFKYgAnRxOJ6en1l+ezgCOcLymlrT9sAaXCL lf7pTIRMYfjXTP5o2gwoJKKV3Tp07I2Vt/WyDq9RVFMLIXIvVuafR6YedmeoIM9ood j5M8DvcSpTRByFBgvvZJtZKlDICWIhByDRhL1mL955rlooZETevwmTx1eEZfFj3271 CpOFsSMJ3UhMQ== X-Authentication-Warning: plan-b.pwste.edu.pl: Host dom.potoki.eu [62.133.140.50] claimed to be fomalhaut.potoki.eu To: Warner Losh , John Baldwin Cc: Baptiste Daroussin , FreeBSD Current References: <20210922083645.4vnoajyvwq6wfhdf@aniel.nours.eu> <82d7f4d1-5ce9-c7ed-d993-b16b3ddac6e3@FreeBSD.org> From: Marek Zarychta Subject: Re: [HEADSUP] making /bin/sh the default shell for root Message-ID: <41db45d4-42bf-8ef9-a2b8-6ffb8ff6aacb@plan-b.pwste.edu.pl> Date: Wed, 22 Sep 2021 21:26:41 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0 List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="0bCj84pdqxVKfrifdOd8J9klap8oxVfKw" X-Rspamd-Queue-Id: 4HF7Zv5VYxz4v6W X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-ThisMailContainsUnwantedMimeParts: N This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --0bCj84pdqxVKfrifdOd8J9klap8oxVfKw Content-Type: multipart/mixed; boundary="j4xIWRNgQPsEXs4nt54IhU36MUTId0GxD"; protected-headers="v1" From: Marek Zarychta To: Warner Losh , John Baldwin Cc: Baptiste Daroussin , FreeBSD Current Message-ID: <41db45d4-42bf-8ef9-a2b8-6ffb8ff6aacb@plan-b.pwste.edu.pl> Subject: Re: [HEADSUP] making /bin/sh the default shell for root References: <20210922083645.4vnoajyvwq6wfhdf@aniel.nours.eu> <82d7f4d1-5ce9-c7ed-d993-b16b3ddac6e3@FreeBSD.org> In-Reply-To: --j4xIWRNgQPsEXs4nt54IhU36MUTId0GxD Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable W dniu 22.09.2021 o=C2=A019:46, Warner Losh pisze: > On Wed, Sep 22, 2021 at 9:35 AM John Baldwin wrote: >=20 >> On 9/22/21 1:36 AM, Baptiste Daroussin wrote: >>> Hello, >>> >>> TL;DR: this is not a proposal to deorbit csh from base!!! >>> >>> For years now, csh is the default root shell for FreeBSD, csh can be >> confusing >>> as a default shell for many as all other unix like settled on a bourn= e >> shell >>> compatible interactive shell: zsh, bash, or variant of ksh. >>> >>> Recently our sh(1) has receive update to make it more user friendly i= n >>> interactive mode: >>> * command completion (thanks pstef@) >>> * improvement in the emacs mode, to make it behave by default like ot= her >> shells >>> * improvement in the vi mode (in particular the vi edit to respect >> $EDITOR) >>> * support for history as described by POSIX. >>> >>> This makes it a usable shell by default, which is why I would like to= >> propose to >>> make it the default shell for root starting FreeBSD 14.0-RELEASE (not= >> MFCed) >>> >>> If no strong arguments has been raised until October 15th, I will mak= e >> this >>> proposal happen. >>> >>> Again just in case: THIS IS NOT A PROPOSAL TO REMOVE CSH FROM BASE! >> >> I think this is fine. I would also be fine with either removing 'toor= ' >> from the >> default password file or just leaving it as-is for POLA. (I would pro= bably >> prefer removing it outright.) >> >=20 > I think this is also fine. I also think we should remove toor from the > default > password file for one fewer attack surfaces. I strongly prefer this. Us= ers > that want toor can add it to their system and/or provisioning scripts. >=20 > Warner >=20 I am curious which attacks you are referring to since I have never heard of attacks on toor account. I have seen a lot of malware attacking root, admin, nobody, and other accounts, but never toor. TBH toor might be handy as a backdoor account if you are familiar with FreeBSD enough to take advantage of it. It can also act as an account of last resort when someone breaks into your system and changes root password, wipes ssh keys etc, so it cuts both ways, not even mentioning POLA. The transition from csh to sh as a default root's shell will probably save some CPU cycles for people using Chef, Ansible, etc thus pushing FreeBSD toward green computing. Sysadmins bound to csh will be fine until it remains in the base system and chsh works. I shouldn't probably post here since I am only a voice from the userbase but can't help doing so. Kind regards, --=20 Marek Zarychta --j4xIWRNgQPsEXs4nt54IhU36MUTId0GxD-- --0bCj84pdqxVKfrifdOd8J9klap8oxVfKw Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEnjwyTmqn2oNX6C8qHZW8vIFppoIFAmFLg3EFAwAAAAAACgkQHZW8vIFppoJt Ewf9GgL58eDj6I1NxT+eJN0FKd6hBrlJoiOtsir1ylc7Ha7OlF3Ys2mR55lXfO3xCnyAlzga3av4 MHYyhRH/7QiiGJljiUmqvFJDe6yLsC6CkEeMCdZqlA0bqs5zbar3uQ2neG/S6363jJdU6IKMnwuV 5FRJG+lGYBBpgBl7/vDRYvz0yqUKdHn4XFaaUliOnpaH88tx0vQ/JaApQLv+GSw6dqdLZoC84GHO GpbkOhHa7Fg/yUZIrqUNnj6lHkrG02Y0C39R+9+V7KN6vLLCj87VUP38VckASELdUsvvUBF4zUDB 6ykxcinHr8NzFrL7WayGlf7KfzroRvBeuq8zkeNerg== =MJOP -----END PGP SIGNATURE----- --0bCj84pdqxVKfrifdOd8J9klap8oxVfKw--