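/*
 * Path: utzoo!attcan!uunet!tut.cis.ohio-state.edu!ucsd!sdd.hp.com!samsung!cs.utexas.edu!sun-barr!newstop!texsun!letni!void!ozdaltx!toma
 * From: toma@ozdaltx.UUCP (Tom Armistead)
 * Newsgroups: comp.unix.questions
 * Subject: Re: How to prevent VI from getting a shell?
 * Summary: Patch /usr/bin/vi with this C program
 * Message-ID: <7007@ozdaltx.UUCP>
 * Date: 28 Sep 90 02:47:13 GMT
 * References: <570@DIALix.UUCP> <1990Sep17.210110.26060@robobar.co.uk> <81@raysnec.UUCP>
 * Organization: AIDS INFO EXCG/OZ BBS - Dallas, TX
 * Lines: 96
 *
 * Boy - am I brave posting this - or was it stupid?  I forget...
 *
 * Here is a real small C program that will patch the /usr/bin/vi, creating
 * an output file ./vi.new that will not have the ':set shell' command.
 * What it does is look for 'shell' and replace it with 5 spaces.  So,
 * ':set shell' gives an error...
 *
 * Anyway, you can move vi to vi.orig and remove execution priv's from it
 * and move vi.new to /usr/bin/vi.
 *
 * p.s. This works on System V machines (not tested on anything else).
 *
 * -----------------------------CUT HERE----------------------------------
 */

/*************************************************************************
** fixvi.c
** Description:
**   This program will create the executable file specified by VI_OUT
**   as a copy of VI_IN in which every occurrence of the byte string
**   "shell" has been overwritten with spaces, so that ':set shell' is
**   no longer recognised.
** Scope of the patch:
**   The replacement is purely textual: EVERY "shell" in the binary is
**   blanked, whether it is the option name or part of some other string.
**   The program does not examine any other way the editor may start a
**   subprocess, so treat the result as a convenience restriction and
**   verify it on the target system before relying on it.
** Disclaimer:
**   This program is hereby released as PUBLIC DOMAIN.
**   It comes with ABSOLUTELY NO warranty...
**************************************************************************/

/*
 * The five header names of the original listing were lost in the archived
 * copy of this post; the set below is what the code needs on a POSIX system.
 */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L     /* fchmod(), ssize_t under strict -std= */
#endif

#include <sys/types.h>
#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define VI_IN   "/usr/bin/vi"   /* original version of vi                 */
#define VI_OUT  "./vi.new"      /* new version (':set shell' blanked out) */
#define PATTERN "shell"         /* byte string to overwrite with spaces   */

/*
 * Overwrite every occurrence of PATTERN in buf[0..len) with spaces.
 * Returns the number of occurrences that were blanked.
 *
 * memcmp() with an explicit bound is used instead of strncmp() so the
 * comparison never reads past the end of the buffer when an 's' sits in
 * the last few bytes of the file.
 */
static size_t blank_pattern(char *buf, size_t len)
{
    const size_t patlen = sizeof PATTERN - 1;
    size_t hits = 0;
    size_t i = 0;

    while (len >= patlen && i <= len - patlen) {
        if (memcmp(buf + i, PATTERN, patlen) == 0) {
            memset(buf + i, ' ', patlen);
            /* Resume directly after the match so that a second match
             * starting on the very next byte is not skipped. */
            i += patlen;
            hits++;
        } else {
            i++;
        }
    }
    return hits;
}

/*
 * Read exactly len bytes from fd into buf, retrying short reads.
 * Returns 0 on success, -1 on error (errno set).
 */
static int read_all(int fd, char *buf, size_t len)
{
    size_t done = 0;

    while (done < len) {
        ssize_t n = read(fd, buf + done, len - done);

        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        if (n == 0) {           /* file is shorter than fstat() reported */
            errno = EIO;
            return -1;
        }
        done += (size_t)n;
    }
    return 0;
}

/*
 * Write exactly len bytes from buf to fd, retrying short writes.
 * Returns 0 on success, -1 on error (errno set).
 */
static int write_all(int fd, const char *buf, size_t len)
{
    size_t done = 0;

    while (done < len) {
        ssize_t n = write(fd, buf + done, len - done);

        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        done += (size_t)n;
    }
    return 0;
}

/*
 * Copy VI_IN to VI_OUT with every PATTERN blanked, then make VI_OUT
 * read+execute only (0555).  Exits non-zero, and removes a partially
 * written VI_OUT, if any step fails, so that a truncated binary is never
 * left behind to be installed by mistake.
 *
 * Run this in a directory that only you can write to: VI_OUT is a fixed
 * relative path and is opened with O_TRUNC.
 */
int main(void)
{
    struct stat sbuf;           /* to get size and type of VI_IN        */
    char *read_buf = NULL;      /* whole contents of VI_IN              */
    size_t size = 0;            /* number of bytes in read_buf          */
    size_t hits = 0;            /* occurrences of PATTERN blanked       */
    int fdin = -1, fdout = -1;  /* file descriptors for read/write      */
    int created = 0;            /* VI_OUT was opened/truncated by us    */
    int rc = EXIT_FAILURE;

    /* Open first, then fstat() the descriptor, so the size belongs to the
     * file that is actually read rather than to whatever the path named
     * a moment earlier. */
    fdin = open(VI_IN, O_RDONLY);
    if (fdin == -1 || fstat(fdin, &sbuf) == -1) {
        perror(VI_IN);
        goto out;
    }
    if (!S_ISREG(sbuf.st_mode) || sbuf.st_size <= 0) {
        fprintf(stderr, "%s: not a non-empty regular file\n", VI_IN);
        goto out;
    }
    size = (size_t)sbuf.st_size;

    /* Read the entire input before touching the output file. */
    read_buf = malloc(size);
    if (read_buf == NULL) {
        perror("malloc");
        goto out;
    }
    if (read_all(fdin, read_buf, size) == -1) {
        perror("read");
        goto out;
    }

    hits = blank_pattern(read_buf, size);

    /* O_CREAT requires an explicit mode argument; without one the new
     * file's permissions are whatever happens to be on the stack.  Create
     * it owner-only and tighten to 0555 once it is complete. */
    fdout = open(VI_OUT, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fdout == -1) {
        perror(VI_OUT);
        goto out;
    }
    created = 1;

    if (write_all(fdout, read_buf, size) == -1) {
        perror("write");
        goto out;
    }
    if (fchmod(fdout, 0555) == -1) {    /* chmod +rx-w VI_OUT */
        perror("chmod");
        goto out;
    }
    if (close(fdout) == -1) {           /* a failed close can hide a lost write */
        fdout = -1;
        perror("close");
        goto out;
    }
    fdout = -1;

    printf("%s: blanked %zu occurrence(s) of \"%s\"\n", VI_OUT, hits, PATTERN);
    if (hits == 0)
        fprintf(stderr, "warning: \"%s\" not found in %s; %s is an unmodified copy\n",
                PATTERN, VI_IN, VI_OUT);

    rc = EXIT_SUCCESS;

out:
    free(read_buf);
    if (fdin != -1)
        close(fdin);
    if (fdout != -1)
        close(fdout);
    if (created && rc != EXIT_SUCCESS)
        unlink(VI_OUT);         /* never leave a partial binary behind */
    return rc;
}/*end main*/

/*end fixvi.c*/

/*
 * --
 * -------------------------------
 * {uunet,smu,ames}!sulaco!ozdaltx!toma        (Tom Armistead @ Garland, Texas)
 * {mic,void,egsner}!ozdaltx!toma
 */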