none

mab at ucla-locus mab at ucla-locus
Wed Sep 21 11:45:00 AEST 1983


At CSUN, games are run through a restriction program which is suid
and which accesses games in a specific directory.  The variable "SHELL"
and the varaible RSHEL are used to control his access.  If SHELL is
not already set, it is set to his default shell. RSHEL is set to refer
to a program which will restore his uid, and exec his default shell.

Any program placed into the games directory is edited (with adb for those
games we dont have source to) to use the RSHEL variable where it otherwise
used SHELL.  Any binary that was hardcoded to refer to a specific shell
gets edited to refer to our 'drop-shell'.  This way, users who spawn
shells from their game, get to be themselves.  

See any problems with this?

Oh yes, the restrict program does a nice(20) too. rogue players love
this (heh-heh).

	Michael A. Bloom
	California State University,  Northridge



More information about the Comp.unix.wizards mailing list