The December issue of ;login: The USENIX Magazine is now available, featuring an article I wrote entitled ``Of Headless User Accounts and Restricted Shells''. The summary/introductory paragraph reads like this:
UNIX system accounts not bound to a particular user, so called ``headless user accounts,'' are frequently used to allow for automation of certain tasks. For security reasons, such headless accounts usually have a very restricted shell, allowing only a few select commands . At the same time, system administrators and service engineers frequently have a need to let such accounts execute additional commands, even though allowing an interactive shell is not an option. To address this problem, we developed a command interpreter called sigsh that requires a cryptographic proof of authenticity and integrity (i.e., a ``signature'') by an authorized party before it executes a set of commands. sigsh(1) is currently used by Yahoo! Inc. on over a quarter-million hosts to help discover potential software vulnerabilities.
If you're a USENIX/SAGE member, then you can read the article online (otherwise, you have to wait a year :-/).
As should be obvious, this is an article about sigsh, which we use at Yahoo! in combination with scanmaster for headless host scanning. In April, I gave a presentation about this at Twitter -- you can find the slides here.
December 1, 2011