Re: Restricted Shells or Menu Based Shells
From: Sumit Dhar (dhar@dexponet.com)Date: 02/26/02
- Previous message: Sumit Dhar: "Re: Restricted Shells or Menu Based Shells"
- In reply to: Sematimba Noah Kevin: "Re: Restricted Shells or Menu Based Shells"
- Next in thread: Miguel Angel Rodriguez Jodar: "Re: Restricted Shells or Menu Based Shells"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 26 Feb 2002 12:58:41 -0500 (EST) From: Sumit Dhar <dhar@dexponet.com> To: Sematimba Noah Kevin <ksemat@wawa.eahd.or.ug>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 26 Feb 2002, Sematimba Noah Kevin wrote:
> remember to make sure that the users /home/$user/.profile is restricted
> either root i.e owner root permissions 0700, or set to immutable with
> chattr +i
Yes, that goes pretty much with out saying... I think that is better to
use the chattr +i option rather than the 0700 mode as the user might be
able to delete this file otherwise.
I have had enterprising users get vim or other binaries from other
machines onto the machine where they were given a restricted shell and
they used it exit the restricted shell.
A restricted shell is a tricky thing.. An experienced user get out of it
inspite of all your precautions. So be warned... :)
Regards
Dhar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8e8zluQMMKXqy0FoRAuONAJ9lXmKDnfRn8mycsWJcO03Z/NpmeACgxZTW
26baqAK7Fi3KeuBdj5Xxb3g=
=J91m
-----END PGP SIGNATURE-----
- Previous message: Sumit Dhar: "Re: Restricted Shells or Menu Based Shells"
- In reply to: Sematimba Noah Kevin: "Re: Restricted Shells or Menu Based Shells"
- Next in thread: Miguel Angel Rodriguez Jodar: "Re: Restricted Shells or Menu Based Shells"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
