Originally Posted By: spackard
Solaris 8-SPARC used /sbin/sh, a statically-linked Bourne-compatible shell for root and services. 9? I think it was still /sbin/sh. 10-SPARC? Pretty sure it was /bin/ksh. 11? Well, there really is no root anymore, that's a role, but it's using /usr/bin/bash, at least the x64 version is.
Then there's this from a (dated) FAQ:
From 2.3 onward (1994?)
all system rc scripts are executed under sh regardless of the root
shell (see /etc/rcS).
So really this seems much more a Linux vulnerability.
When I taught Solaris admin, I cautioned folks against changing the login shell for root. Having a statically linked shell as the login shell helped in some recovery scenarios. You can start whatever shell you like after you login, such as bash, ksh, csh.
Root is now a role, so that changes things.
Solaris 8-SPARC used /sbin/sh, a statically-linked Bourne-compatible shell for root and services. 9? I think it was still /sbin/sh. 10-SPARC? Pretty sure it was /bin/ksh. 11? Well, there really is no root anymore, that's a role, but it's using /usr/bin/bash, at least the x64 version is.
Then there's this from a (dated) FAQ:
From 2.3 onward (1994?)
all system rc scripts are executed under sh regardless of the root
shell (see /etc/rcS).
So really this seems much more a Linux vulnerability.
When I taught Solaris admin, I cautioned folks against changing the login shell for root. Having a statically linked shell as the login shell helped in some recovery scenarios. You can start whatever shell you like after you login, such as bash, ksh, csh.
Root is now a role, so that changes things.