Using UUCP under a BBS system???

Frank Korzeniewski frk at mtxinu.COM
Thu Feb 22 08:09:24 AEST 1990


In article <1990Feb20.191019.9391 at virtech.uucp> cpcahil at virtech.UUCP (Conor P. Cahill) writes:
#In article <.OV1S=Axds13 at ficc.uu.net> morrison at ficc.uu.net (Brad Morrison) writes:
#>What about having a wrapper around the real shells that only execs the
#>real one if the user id is below some threshold?  Then give your restricted
#>users IDs above the threshold.
#
#Because all that would need to happen is that the user's find out what the name 
#of the real shell.  Of course, a better solution would be to place the shell
#into a different group and set the modes to 0750.  Then you could set up the
#group of the incomming users so that only those within said group can run
#the applicable program.  However, this could cause lots of problems
#when the user tries to execute a function/program that depends upon the 
#shell being available for non-interactive work (such as getcwd() on a system
#V system), then these functions would fail unexplicably.
#
#The best answer is still a chrooted environment or a much better controlled
#environment.

Brads idea could be extended just a little bit to overcome your objections.
Just use bash or ash for which the source is available and put the wrapper
check on the user id into the shell source code.  Lets see a user get
around this!!

Frank Korzeniewski     (frk at mtxinu.com)



More information about the Comp.unix.i386 mailing list