Restricted shell (was Re: rsh environment)
Paul De Bra
debra at alice.UUCP
Tue Dec 27 03:18:18 AEST 1988
In article <901 at philmds.UUCP> leo at philmds.UUCP (Leo de Wit) writes:
>...
>Definitely. The guy said bsd. 'rsh' was also a surprise to me when I
>first worked in a System V environment.
>
>The BSD /bin/sh has also a notion of restriction, although I never saw
>it documented (not in sh(1) nor in S. R. Bourne's 'An Introduction to
>the UNIX Shell').
>...
>I'm interested both in what restriction means in System V, and whether
>there is any documentation about -r (set -r, sh -r) for the BSD /bin/sh.
>Furthermore I'm interested in hearing about its use (for what, and how).
>
> Leo.
The restricted shell "is used to set up login names and execution
environments whose capabilities are more controlled than those of the
standard shell" (System V user manual).
There are (according to the manual) 4 things that are disallowed:
- changing directory
- setting $PATH
- specifying path or command names containing /
- redirecting output (both > and >>)
The reason why the restricted shell is dying away is that it is SO easy
to bypass...
(Since most readers of this newsgroup have sufficient imagination to become
a "cracker" but enough discipline to refrain from such activities I don't
think I have to sketch a scenario to break out of the restricted environment)
Paul.
--
------------------------------------------------------
|debra at research.att.com | uunet!research!debra |
------------------------------------------------------
More information about the Comp.unix.wizards
mailing list