Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.csd.uwm.edu!cs.utexas.edu!uunet!mcvax!ukc!axion!galadriel!pcf
From: pcf@galadriel.bt.co.uk (Pete French)
Newsgroups: comp.unix.questions
Subject: Re: Restricted Shell - does it still exist.
Message-ID: <323@galadriel.bt.co.uk>
Date: 18 Aug 89 07:41:52 GMT
References: <20623@adm.BRL.MIL>
Organization: RT6115, BTRL, Martlesham Heath, England
Lines: 26

From article <20623@adm.BRL.MIL>, by FAUSETT@tops20.radc.af.mil:
> 
> I'm looking for something like the old AT&T restricted shell (found in System
> III and possibly later?) for a Sun system.  I've got a guest user I need to 
> set up on the system with whom I have a good bit of trust, but still want to 
> discourage from poking around tyhe system.
> 
> Does anyone know if such a beastie still exists?


The restricted shell was exactly the same as the original shell - execpt it was
invoked with the name "rsh". /bin/rsh was a link to /bin/sh. On a SUn (or
any ethernet box indeed) this is a problem since rsh already exists.

The restricted shell can, luckily, still be run. You just invoke it with
a '-r' option. So put in your users .profile ...

exec sh -r

And he will have a restricted shell.
If you want yoiur user to have his own .profile that is run on shell startup
then write a C program to run as the login shell that execs /bin/sh with the
'-r' option and an argv[0] of '-sh'. The '-' in front of the name causes the
shell to run the .profile on startup.

		-Pete.