Date: Wed, 7 Jun 2000 18:33:24 +0100 From: User Datagram Protocol <udp@closed-networks.com> To: Peter Pentchev <roam@orbitel.bg> Subject: Re: Restricting user to a directory Message-ID: <20000607183324.L65725@closed-networks.com> In-Reply-To: <Pine.BSF.4.21.0006072001070.791-100000@ringwraith.oblivion.bg>; from roam@orbitel.bg on Wed, Jun 07, 2000 at 08:02:07PM %2B0300 References: <200006071649.e57GnEg12368@bart.esiee.fr> <Pine.BSF.4.21.0006072001070.791-100000@ringwraith.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
What about SYSV-style invocation with argv[0] == "/bin/rsh" ?
Ick.
On Wed, Jun 07, 2000 at 08:02:07PM +0300, Peter Pentchev wrote:
> not really. bash should be configured at runtime as to whether to *allow*
> invocation as a restricted shell; most precompiled versions of bash come
> with this capability.
> From there, just start it as rbash or bash -r, and it runs restricted.
--
Bruce M. Simpson aka 'udp' Security Analyst & UNIX Development Engineer
WWW: www.closed-networks.com/~udp
Dundee www.packetfactory.net/~udp
United Kingdom email: udp@closed-networks.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000607183324.L65725>