Date: Mon, 31 Aug 1998 11:43:15 +0200 (CEST) From: Zahemszky Gabor <zgabor@zg.CoDe.hu> To: freebsd.org!freebsd-security@zg.CoDe.hu Subject: Re: Shell history Message-ID: <199808310943.LAA00544@CoDe.hu> In-Reply-To: <3.0.3.32.19980829153814.0076e548@207.227.119.2> from "Jeffrey J. Mountin" at "Aug 29, 98 03:38:14 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> >> Sort of an automated chroot thing you can't bypass I guess. > > > >Build a chrooted area with /etc, /bin, /usr/bin, /usr/lib, /usr/libexec > >files which are necessary. > >Change inetd to run telnetd.sh and have telnetd.sh do: > > > >----- > >#!/bin/sh > >cd /newroot > >/usr/sbin/chroot . exec /usr/libexec/telnetd > >----- > > > >Danny > > This means that there would be common area for all shell users and I'd wonder if root would be restricted to console and ssh perhaps. In some AT&T Unices (HP, if I know well), this is the job of login: if that user has a star ``*'' as shell (the /etc/passwd line of that user is like: user:passwd:uid:gid:gcos:home:* ), than login is chroot to home, and start another login, with a /etc/passwd in that chrooted environment. Well, with that way, that user has to type two login/passwd sequence, but I think it's not a bad idea. ZGabor at CoDe dot HU -- #!/bin/ksh Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808310943.LAA00544>