RE: How to bypass /etc/passwd's shell

• Vorherige Nachricht: Jose Nazario: "RE: How to bypass /etc/passwd's shell"
• Vielleicht als Antwort auf: Andrew Hatfield: "RE: How to bypass /etc/passwd's shell"
• Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]

On Thu, 19 Jul 2001, Jose Nazario wrote:
>
> not wise. one can ^C out of the script's execution, leaving you with
> /bin/sh as your shell. (been there, tried that, was able to break out,
> it's easier than you may guess.)
>

hmmm... I was unable to do this becaus interrupting with ^C terminates
the script and if this is your login shell there are no more processed remainig,
so you will get logged out ???

/bin/sh is the only thing executed in the real root and interrupting this
will not leave an process remaining!?

Marcus

• Vorherige Nachricht: Jose Nazario: "RE: How to bypass /etc/passwd's shell"
• Vielleicht als Antwort auf: Andrew Hatfield: "RE: How to bypass /etc/passwd's shell"
• Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]

Relevant Pages Re: Securely allowing just one application via telnet ... > stuff before handing execution to this application. ... > and you can not trust your user (he's using telnet, ... > that will be executed as the user's login shell. ... Also keep in mind that starting an SSH tunnel can allow you to do many ... (freebsd-questions) Re: ACL problems, any suggestions would be great ... As for restricting to execution of a single command, ... > I could not come up with a solution to solve this problem with openssh. ... > because you could specify a login shell for all users that would override the login shell ... (SSH)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint