Here's how to stop shell escapes from vi
Anthony Murdoch
ant at brolga.cc.uq.oz.au
Fri Sep 28 17:22:02 AEST 1990
wayne at dsndata.uucp (Wayne Schlitt) writes:
>In article <PA06YE4 at xds13.ferranti.com> peter at ficc.ferranti.com (Peter da Silva) writes:
>> In article <1990Sep20.153105.28394 at naitc.naitc.com> karl at bbs.naitc.com (Karl Denninger) writes:
>> > Without source code to "vi" there is NO WAY to prevent this. Believe me.
>>
>> adb -w /bin/vi
>>
>> Just zap the "/bin/sh" and the name of the "shell" variable.
>ok, /bin/sh can be zapped easily, but i am not sure about the SHELL
>variable. what to you zap it to? changing "SHELL" to "XXXXX" just
>moves the problem, using unprintable characters probably wont solve it
>either. would zapping the 'S' to a '\0' really work?
If you change SHELL to something and then make vi unreadable then surely that
makes it secure enough for you (unless of course you don't want to allow root
to have a shell ;-)
ant
--
V ant "It's great to be young and insane"
\o/ ant at brolga.cc.uq.oz.au - Dream Team
-O- Anthony Murdoch Prentice Computer Centre
/0\ Phone (07) 3774078 University of Qld
More information about the Comp.unix.sysv386
mailing list