Is the restricted shell really secure?
P McFerrin
mcferrin at inuxc.UUCP
Wed Jul 18 02:03:01 AEST 1984
The restricted shell CAN be secure if the administrator follows certain
guidelines, some of which are included:
1- Do not have PATH set up to search the standard directories. Have
it search only a directory that contains ONLY the commands you
are allowing the restricted user (called the restricted bin directory).
2- Do not permit the restricted user access to the bin directory
established in step 1.
3- Use the .profile to set up any important variables you want and
set them to read-only if necessary. Do a cd(1) to the appropriate
directory. Include SHELL=/bin/rsh in the .profile.
4- The commands you put in the restricted bin directory should
check the arguments to ensure that the restrictions are not
being bypassed (e.g. arguments beginning with '/' or '../').
5- If you want to include some standard Unix commands in the
restricted bin directory, use the following example:
cd $RESTRICTED_BIN
ed .cmd
a
PATH="/bin:/usr/bin:..........$RESTRICTED_BIN"
# ^^^^^^ your normal bin directories here
export PATH
# $0 is the name this wrapper was linked as (ls, cat, ...); strip any
# directory part so the exec below searches the new PATH instead of
# re-running this wrapper.
cmd=`basename "$0"`
for arg in "$@"
do
    case "$arg" in
    /*|../*)
        echo "$cmd: \"$arg\" not allowed, restricted." 1>&2
        exit 255
        ;;
    *)  : ok
        ;;
    esac
done
exec "$cmd" "$@"
.
w
q
chmod 775 .cmd
ln .cmd ls
ln .cmd cat
ln .cmd diff
# The last 3 commands will make the ls, cat, & diff commands available
# to the restricted user.
Remember, shell scripts will be executed by a NON-RESTRICTED shell, thus
giving you, the administrator, the full power in controlling what you are
allowing the restricted user.
Paul McFerrin
AT&T Consumer Products
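An added example, not part of the post above, of the same wrapper with the step-4 argument check pulled into a function and tightened: it rejects a ".." component anywhere in an argument, not only at the start, and leaves $RESTRICTED_BIN out of the new PATH so a missing real command fails instead of re-entering the wrapper. The directories /bin and /usr/bin are assumed.

```shell
# Added example (not the original .cmd script). Assumes the same layout
# as the post: the permitted command names are hard links to this file
# in $RESTRICTED_BIN, and the real commands live in /bin and /usr/bin.

# Return 0 when every argument is acceptable, 1 at the first bad one.
# An argument is bad if it is absolute or contains ".." as a path
# component (a name such as "..hidden" is allowed).
check_restricted_args() {
    for arg in "$@"; do
        case "$arg" in
            /*)                  return 1 ;;   # absolute path
            ..|../*|*/..|*/../*) return 1 ;;   # ".." path component
        esac
    done
    return 0
}

# Body of the wrapper that ls, cat, diff, ... are hard-linked to.
# $0 is the link name, so basename yields the real command to run.
run_wrapped() {
    cmd=`basename "$0"`
    if check_restricted_args "$@"; then
        # Real command directories only (assumed); $RESTRICTED_BIN is
        # deliberately absent so a typo cannot loop back into this file.
        PATH="/bin:/usr/bin"
        export PATH
        exec "$cmd" "$@"
    fi
    echo "$cmd: argument not allowed, restricted." 1>&2
    exit 255
}

# Last line of the installed wrapper file (left commented here so the
# functions can be sourced and tested without exec'ing anything):
# run_wrapped "$@"
```

Install it as $RESTRICTED_BIN/.cmd and hard-link the permitted command names to it exactly as the post does.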