Xref: utzoo alt.security:1631 comp.unix.sysv386:801
Path: utzoo!utgpu!cs.utexas.edu!samsung!munnari.oz.au!brolga!ant
From: ant@brolga.cc.uq.oz.au (Anthony Murdoch)
Newsgroups: alt.security,comp.unix.sysv386
Subject: Re: Here's how to stop shell escapes from vi
Message-ID: <1990Sep28.072202.1184@brolga.cc.uq.oz.au>
Date: 28 Sep 90 07:22:02 GMT
References: <2441@sud509.ed.ray.com> <1990Sep18.120450.14590@nstar.uucp> <1990Sep20.153105.28394@naitc.naitc.com> <11285:Sep2022:15:2090@kr <924@mwtech.UUCP>
Organization: Prentice Computer Centre, The University of Queensland, Australia.
Lines: 25

wayne@dsndata.uucp (Wayne Schlitt) writes:

>In article peter@ficc.ferranti.com (Peter da Silva) writes:
>> In article <1990Sep20.153105.28394@naitc.naitc.com> karl@bbs.naitc.com (Karl Denninger) writes:
>> > Without source code to "vi" there is NO WAY to prevent this. Believe me.
>>
>> adb -w /bin/vi
>>
>> Just zap the "/bin/sh" and the name of the "shell" variable.

>ok, /bin/sh can be zapped easily, but i am not sure about the SHELL
>variable. what do you zap it to? changing "SHELL" to "XXXXX" just
>moves the problem, using unprintable characters probably won't solve it
>either. would zapping the 'S' to a '\0' really work?

If you change SHELL to something and then make vi unreadable then surely
that makes it secure enough for you (unless of course you don't want to
allow root to have a shell ;-)

ant
--
 V   ant                         "It's great to be young and insane"
\o/  ant@brolga.cc.uq.oz.au                             - Dream Team
-O-  Anthony Murdoch             Prentice Computer Centre
/0\  Phone (07) 3774078          University of Qld
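
An administrator who applies the two changes discussed in this thread can check the result with a script like the following. It is an added example, not part of the original post; the function name `audit_patched_editor` and any path passed to it are hypothetical.

```shell
#!/bin/sh
# Added example: audit a patched editor binary for the two changes
# discussed in the thread. Function name and paths are hypothetical.

# audit_patched_editor FILE
# Prints one "finding:" line per problem.
# Returns 0 = no findings, 1 = findings, 2 = FILE could not be inspected.
audit_patched_editor() {
    f=$1
    rc=0
    [ -f "$f" ] || { echo "error: $f is not a regular file"; return 2; }
    # The strings check needs read access; an execute-only binary must be
    # audited by root (or by the owner before read permission is removed).
    [ -r "$f" ] || { echo "error: cannot read $f, rerun as root"; return 2; }

    # 1. The literal shell path and the environment variable name should no
    #    longer appear in the binary. -a scans binary data, -F matches the
    #    string literally.
    for s in /bin/sh SHELL; do
        if LC_ALL=C grep -a -F -q -- "$s" "$f"; then
            echo "finding: string '$s' still present in $f"
            rc=1
        fi
    done

    # 2. "Make vi unreadable": group and other must not hold a read bit,
    #    otherwise users can copy the binary and inspect the replaced names.
    if [ -n "$(find "$f" -prune \( -perm -040 -o -perm -004 \) -print)" ]; then
        echo "finding: $f is readable by group or other"
        rc=1
    fi

    return "$rc"
}
```

Run it as root against the patched copy, for example `audit_patched_editor /bin/vi`, and treat any `finding:` line as a sign the patch or the permission change did not take.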