Restricted shell (was Re: rsh environment)
Israel Pinkas ~
pinkas at hobbit.intel.com
Wed Jan 4 03:15:37 AEST 1989
In article <8636 at alice.UUCP> debra at alice.UUCP (Paul De Bra) writes:
> In article <425 at aurora.auvax.uucp> lyndon at auvax.UUCP (Lyndon Nerenberg) writes:
> }In article <278 at dcs.UUCP> wnp at dcs.UUCP (Wolf N. Paul) writes:
> }>Some notes: sh and rsh are links to the same binary, with "sh -r" being
> }>equivalent to an invocation of rsh. "set -r" after the shell has started
> }>also has the same effect, as Leo's demo showed. The manual further points out
> }>that shell scripts are executed using standard sh, thus the restriction can
> }>probably be gotten around.
> Hold it! The restricted shell is intended to be used together with a small
> set of programs, put in a special directory, and with a $PATH that only
> goes through that directory.
I think there is a problem here. There are two programs named rsh, who do
do very different things.
In the SysV environment, rsh is the restricted version of the Bourne Shell,
which is a link to sh. Upon startup, the -r flag is set. This program and
the flag are not available in the BSD versions of sh that I checked (Ultrix
and SunOS).
In the BSD environment, rsh is the remote shell, a companion of rlogin and
rcp. SysV machines that have these commands often call this program rcmd,
for remote command.
I believe that the original question was how to pass portions of the
environment when executing a remote shell. In this context, I believe that
the BSD version of the program is what we should be talking about.
I have aliases that do this. They all execute a command such as:
rsh mach "setenv FOO foo; setenv BAR bar; cmd1; cmd2"
Hope this helps.
-Israel
--
--------------------------------------
Disclaimer: The above are my personal opinions, and in no way represent
the opinions of Intel Corporation. In no way should the above be taken
to be a statement of Intel.
UUCP: {amdcad,decwrl,hplabs,oliveb,pur-ee,qantel}!intelca!mipos3!cad001!pinkas
ARPA: pinkas%cad001.intel.com at relay.cs.net
CSNET: pinkas at cad001.intel.com
More information about the Comp.unix.wizards
mailing list