How to prevent VI from getting a shell?
Thomas Omerzu
omerzu at quando.quantum.de
Mon Sep 17 23:44:36 AEST 1990
In article <570 at DIALix.UUCP> bernie at DIALix.oz.au (Bernd Felsche) writes:
>In article <501 at trux.UUCP> car at trux.UUCP (Chris Rende) writes:
>>If I want to give someone access to VI and yet deny them access to a shell,
>>how do I prevent the user from using VI's "<ESC>:!" command?
>
>set SHELL in the environment to something which doest nothing, say
>/bin/true. vi forks-execs whatever SHELL is defined to be, or the
>shell if undefined.
NO!
Although this will work for many applications,
it won't work for vi!
If you 'set SHELL /bin/true' the user will not be able to get
a shell, that's true.
BUT: THIS DOES NOT PREVENT THE USER FROM RESETTING THE SHEL VARIABLE!
If that user does a: ':set shell /bin/sh'
he _will_ get a shell on further requests!!!
So long,
Thomas.
--
*-----------------------------------------------------------------------------*
Thomas Omerzu UUCP: ...!unido!quando!omerzu / omerzu at quando.uucp
Quantum GmbH, Bitnet: UNIDO!quando!omerzu / omerzu%quando at UNIDO(.bitnet)
Dortmund, Germany Internet: omerzu at quando.quantum.de
More information about the Comp.unix.questions
mailing list