Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!zombie.ncsc.mil!news.mathworks.com!newsfeed.internetmci.com!howland.reston.ans.net!Germany.EU.net!Dortmund.Germany.EU.net!interface-business.de!not-for-mail From: j@interface-business.de (J Wunsch) Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: rsh , help please Date: 20 Oct 1995 10:27:41 +0100 Organization: interface business GmbH, Dresden Lines: 22 Message-ID: <467q2d$38v@ida.interface-business.de> References: <464g7n$g1v@mippet.ci.com.au> NNTP-Posting-Host: ida.interface-business.de Ferry Winarta <ferryw@softplus.com.au> wrote: >I tried to configure a user to use restricted shell, >by creating a file called /bin/resh ( which contained /bin/sh -r ), and >then change user's shell to /bin/resh through vipw ( I don't think, this >is the correct procedure). Note that the so-called "restricted" shells are one of the most inviting security holes (at least, when being used as interactive shell). >Did I miss something , or this is impossible ? I think you need some more tweaking. Some special inetd, for example. Of course, ftp-only users don't really need a working shell, as long as the value of their login shell password field is mentioned in /etc/shells. -- J"org Wunsch Unix support engineer joerg_wunsch@interface-business.de [private: http://www.sax.de/~joerg/]