Hello,
some days ago I posted a message titled
"csh/tcsh shell unuseable by non root".
Its text is reported below.
After much swearing, I have found that
in msec level 4 /usr/bin has permission:
rwxr--r--, or rwx--x--x, I'm not sure.
Obviously both permissions make the binaries
in the directory unreachable to non root
users, even though the binaries themselves
have right permissions (755, see below).
I had already decided for other reasons to
switch to msec level 3, and did it right
after this discovery.
Now I can work again, but:
1) How could this happen? Security is wonderful,
but obtaining it by making commands unuseable
makes the system itself unuseable to everyone.
As far as I can remember, I selected level 4 during
custom installation and did not touch anything else
afterwards.
2) If /usr/bin is unreachable, how can bash use it
and tcsh not? Is bash setuid root or something? (I
forgot to check this at home..). If so, it's bad,
isn't it?
Any feedback is appreciated.
Ciao,
Marco Fioretti
ORIGINAL POSTING
Hello,
I am running LM 7.1 with security level 4.
Yesterday I tried for the first time since
installation to run a csh script which worked
perfectly with LM 6.1.
Now, if I run as normal user, it crashes
even before starting, i.e. on sourcing the
/etc/cshrc file.
Specifically, it says that "id" and "test",
both used in the cshrc file, are
"command not found",
even though the $PATH is correctly set.
The same happens if I just start an xterm as a normal
user with bash, and type tcsh.
If I su root (whih has bash too) and then type tcsh,
everything goes fine.
the permissions in /usr/bin, where test and id are,
look OK to me, 755.
Any idea?
Is it at least possible to invoke csh/tcsh without
haviong them to look at the /etc/cshrc file?
(other than moving it, of course....)
TIA,
Marco
Keep in touch with http://mandrakeforum.com:
Subscribe the "[EMAIL PROTECTED]" mailing list.
