Is the restricted shell really secure?
did at UCLA-LOCUS.ARPA
did at UCLA-LOCUS.ARPA
Sun Aug 5 14:36:33 AEST 1984
From: "David I. Dalva" <did at UCLA-LOCUS.ARPA>
You should be able to keep a restricted account from wandering afield
home directory for the restricted account "foo" be "/mnt/locked/foo"
[...] where "/mnt/locked" is owned by root and is mode 700.
Sorry, "cd /" gets you out into the free world. You'd have to take cd
(and chdir) out of the shell (but a C program which did a chdir(2) call
and a fork would simulate *that* :-( ).
...and there's also the problem of not being able to access your home
directory at login time.
Dave
Arpa: did at UCLA-LOCUS.ARPA
UUCP: {ihnp4 | randvax | sdcrdcf | trwspp | ucbvax}!ucla-cs!did
More information about the Comp.unix.wizards
mailing list