4.3 /etc/shells

[Bob Lenk]

> Could someone explain what this /etc/shells silliness is all about?
> Why joe user can't change his shell to whatever he pleases??  I see no
> reason to restrict users in their choice of shells

I won't claim to explain what it's all about.  One reason that a
system administrator might want to restrict the login shells available
is to insure that every user who logs on executes some specific code
(in /etc/profile or analogous file for other permitted login shells).
In that case a one-line .profile which exec's another shell is a
good solution for everyone involved.

Another reason that some checking must be done is so a user can't
install a shell like "/bin/sh\nbreakin::0:1::/:/bin/sh" (that doesn't
require /etc/shells, but requires some check).

>                                                      in fact, this is
> one of the things usually quoted as a great strength of UNIX.

That strength still exists, but the system administrator is permitted to
limit the freedom.  Perhaps some systax in /etc/shells (like an entry of
* ) which permits any shell to be installed (subject to security checks)
would be nicer.

			Bob Lenk
			{hplabs, ihnp4}!hpfcla!rml