RE: How to bypass /etc/passwd's shell

From: Jose Nazario (jose_at_biocserver.BIOC.cwru.edu)
Date: 07/19/01

On Wed, 18 Jul 2001, Marcus Zoller wrote:

> #!/bin/sh
> /usr/sbin/chroot /home/<user chroot> /bin/bash -login

> dummy:x:500:500:chroot user:/home/dummy:/bin/rshell

not wise. one can ^C out of the script's execution, leaving you with
/bin/sh as your shell. (been there, tried that, was able to break out,
it's easier than you may guess.)

____________________________
jose nazario jose_at_cwru.edu
                           PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Relevant Pages

  • Re: How to bypass /etc/passwds shell
    ... and for other signals (kill -l) ... > not wise. ...
    (Focus-Linux)
  • Re: Mandrake Linux 10.1 Path
    ... Depends on what shell you are running. ... do a ls -1 /etc/profile.d to see order of file execution. ... non-interactive session. ... When you login using the bash shell, the first file to run is ...
    (alt.linux)
  • Re: Securely allowing just one application via telnet
    ... One way is to use a traditional login shell and set the config ... file to pass execution to your application. ... trust your user (he's using telnet, so his password is easy to steal,) ...
    (freebsd-questions)
  • Odd shell behaviour
    ... I have used the following shell sequence without any problems ... The idea is to suspend execution of the shell script until ... than the pid of the sleep process. ...
    (comp.unix.solaris)
  • Odd shell behaviour
    ... I have used the following shell sequence without any problems ... The idea is to suspend execution of the shell script until ... than the pid of the sleep process. ...
    (comp.unix.shell)