Date: Wed, 5 Jun 2002 15:17:19 +0200 From: Matthias Buelow <mkb@informatik.uni-wuerzburg.de> To: Alexander V Zubchenko <stalker@hermes-comp.zp.ua> Cc: Admin/Manager <leroy@3dmasters.net>, freebsd-questions@FreeBSD.ORG Subject: Re: SHELL ACCESS Message-ID: <20020605131719.GB1211@reiher.informatik.uni-wuerzburg> In-Reply-To: <20020605093415.N38764-100000@server.hermes-comp.zp.ua> References: <000101c20bfa$6c740eb0$0264a8c0@3dmdomain.local> <20020605093415.N38764-100000@server.hermes-comp.zp.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexander V Zubchenko writes: >I don't know about such features in shells, but you may play around with >access permissions (e.g. make anything world-inaccessible, place users in >nobody group and set rights so anything will b protected from access, >excepting home). Commercial systems typically have a "restricted shell" command, sometimes under the name rsh (colliding with the remote shell, which is called remsh on such systems.) On FreeBSD, I think the (original) KornShell (ksh) and GNU bash can be run in restricted mode. It disables cd, and some other builtins but it of course does not restrict programs that got invoked by the user, so you have to be selective about which programs the user is allowed to run. vi(1) also can be run in restricted mode. --mkb To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020605131719.GB1211>