Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!rutgers!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.questions
Subject: Re: How to prevent VI from getting a shell?
Summary: here's a *working* solution
Message-ID: <26243:Sep1811:57:4690@kramden.acf.nyu.edu>
Date: 18 Sep 90 11:57:46 GMT
References: <501@trux.UUCP> <570@DIALix.UUCP> <1990Sep17.210110.26060@robobar.co.uk>
Organization: IR
Lines: 21

In article <1990Sep17.210110.26060@robobar.co.uk> ronald@robobar.co.uk (Ronald S H Khoo) writes:
> I got around the problem by binary patching out the call to fork() in
> vi. Ugh. Also, I never found a way to defeat letting the user read and
> write files other than the current file. Any offers ?

A slightly brutish but correct solution is illustrated in the pty
package. You simply convert exclamation points, colons, and other
dangerous characters into something dull like a question mark.

  % pty -0 tr \!: \?\? | pty vi

The only problem is that the user can't even type ! or : any more! To
kludge around this, convert ! into a! and : into a:. You should also
provide macros (not using ! or :) to allow whatever restricted :
commands the user might reasonably want.

This does, however, solve the stated problem. (Be sure to disable
keyboard interrupts, by the way.)

---Dan