Date: Fri, 12 Jul 1996 22:58:24 GMT From: James Raynard <fqueries@jraynard.demon.co.uk> To: jim@starshine.org Cc: paul@nation-net.com, questions@freebsd.org Subject: Re: Restricted shell for Web users Message-ID: <199607122258.WAA02595@jraynard.demon.co.uk> In-Reply-To: <199607121006.DAA02053@starshine> (message from Jim Dennis on Fri, 12 Jul 1996 03:06:55 -0700 (PDT))
next in thread | previous in thread | raw e-mail | index | archive | help
> > Mail accounts aren't needed, just forwarding.
> > I've heard there is such a thing as a virtual shell? It sounds like just
> > what I need!!
>
> If you insist on allowing telnet into it (and poviding a shell
> account) you might look at the 'restricted shell' (I think there
> is a command line option on Bourne or Korn and support for
> it automatically assume this option if called via the name
> 'rsh' -- i.e. via a hardlink).
AFAIK this is a SysV ism - the Berkeley rsh is the 'remote shell',
used for running commands on a different host from the one you're
logged in to. I couldn't find anything in the sh man page about this
(I don't have the ksh man page due to a chronic lack of disk space).
> The restrictions an this 'rsh' ('jsh'???) are something like:
> can't change directory, can't set/unset any variables, can't
> create any shell functions or aliases, etc.
I understood 'jsh' was how you invoked the job-control version of sh
on SysV (our sh already has job control built in, so we don't need
it). I wasn't aware it had anything to do with user restrictions, but
I'm open to correction (my experience of SysV being rather limited).
Anyway, I've seen one or two other requests for this - if I can get
hold of a proper spec for this, I *might* have a go at it (unless of
course someone else does it first :-)
--
James Raynard, Edinburgh, Scotland
james@jraynard.demon.co.uk
http://www.freebsd.org/~jraynard/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607122258.WAA02595>