Date: Mon, 31 Aug 1998 11:43:15 +0200 (CEST) From: Zahemszky Gabor <zgabor@zg.CoDe.hu> To: freebsd.org!freebsd-security@zg.CoDe.hu Subject: Re: Shell history Message-ID: <199808310943.LAA00544@CoDe.hu> In-Reply-To: <3.0.3.32.19980829153814.0076e548@207.227.119.2> from "Jeffrey J. Mountin" at "Aug 29, 98 03:38:14 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> >> Sort of an automated chroot thing you can't bypass I guess.
> >
> >Build a chrooted area with /etc, /bin, /usr/bin, /usr/lib, /usr/libexec
> >files which are necessary.
> >Change inetd to run telnetd.sh and have telnetd.sh do:
> >
> >-----
> >#!/bin/sh
> >cd /newroot
> >/usr/sbin/chroot . exec /usr/libexec/telnetd
> >-----
> >
> >Danny
>
> This means that there would be common area for all shell users and I'd wonder if root would be restricted to console and ssh perhaps.
In some AT&T Unices (HP, if I know well), this is the job of login:
if that user has a star ``*'' as shell (the /etc/passwd line of that user
is like:
user:passwd:uid:gid:gcos:home:*
),
than login is chroot to home, and start another login, with a /etc/passwd in
that chrooted environment. Well, with that way, that user has to type
two login/passwd sequence, but I think it's not a bad idea.
ZGabor at CoDe dot HU
--
#!/bin/ksh
Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808310943.LAA00544>