Security
tif at cpe.UUCP
tif at cpe.UUCP
Thu Sep 1 08:12:00 AEST 1988
Written 10:24 am Aug 14, 1988 by raider.UUCP!root in cpe:comp.unix.xenix
>I would like to give folks access to vnews and elm via a restricted shell. I
>have dutifully set up a 'restricted' bin directory containing just a few
>commands, like vi, vnews, readnews, who, cat; I set all restricted users PATH
>to this directory only. Here's the rub:
>
>They can use shell commands from within either vnews of vi and do anything
>their heart desires (within normal system security, of course). Well, this
>just won't work ! I know there is a 'red' editor, but I hate to confine them
>to that.
>
>Does anyone have a solution for me ? Am I trying to do this the wrong way ?
Experiment with the environment variable, SHELL. I have a limited
login which sets SHELL="". It effectively prevents shell escapes from
most programs. You might be satisfied with setting SHELL=rsh.
Paul Chamberlain
Computer Product Engineering, Tandy Corp.
{convex,killer}!ninja!cpe!tif
More information about the Comp.unix.xenix
mailing list