Security
Derek E. Terveer
det at hawkmoon.MN.ORG
Fri Aug 26 01:43:23 AEST 1988
In article <4 at raider.UUCP>, root at raider.UUCP (Bob Reineri) writes:
> They can use shell commands from within either vnews of vi and do anything
> their heart desires (within normal system security, of course). Well, this
> just won't work ! I know there is a 'red' editor, but I hate to confine them
> to that.
(i know you didn't mention less, but here's my 2 cents anyway)
I can't help with vnews or vi (i wish there was an "rvi" ! (for those of us w/o
the source code that is!)), but if you happen to let them use less, the public
domain version (4.0, i believe) has a compile time option that allows/disallows
shell escapes. Simply turn this off. (0)
derek
--
Derek Terveer det at hawkmoon.MN.ORG
w(612)681-6986
"A proper king is crowned" -- Thomas B. Costain
More information about the Comp.unix.xenix
mailing list