Xref: utzoo alt.security:1642 comp.unix.sysv386:853
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uwm.edu!uwvax!persoft!gorgon!dag
From: dag@gorgon.uucp (Daniel A. Glasser)
Newsgroups: alt.security,comp.unix.sysv386
Subject: Re: Here's how to stop shell escapes from vi
Summary: wrap vi with another program...
Message-ID: <1990Sep30.174404.6132@gorgon.uucp>
Date: 30 Sep 90 17:44:04 GMT
References: <1990Sep28.072202.1184@brolga.cc.uq.oz.au>
Organization: Perseus Reductions (Medusa Division)
Lines: 24

Maybe someone else has posted this solution, maybe not.  I've not seen
it mentioned.  I've not tried it either.

My suggestion is to write a wrapping routine which checks the user's gid
or uid (or whatever) and based on that either leaves the user's PATH and
SHELL alone (for those who should be allowed to shell out of vi) or
changes both PATH and SHELL environment variables to something safe
(SHELL will point to something like
'main(){write(0,"No shell for you!\n");exit(1);}' and PATH to something
which just has what vi might legitimately have to get at).  This program
will then exec the real vi.

I've not tried this with vi, but I have with many games programs.  I had
one wrapper program which I linked (hard links) to the names of the
protected executables; this program looked at argv[0] to determine what
program to run (and in a few cases, what environment variables to
change -- it would read in .game_FOO files and set environment variables
from that file before running game FOO, thus simplifying the user's
.profile/.login.)  It seems to work.

					Daniel A. Glasser
-- 
Daniel A. Glasser                       One of those things that goes
dag%gorgon@persoft.com                  "BUMP! (ouch!)" in the night.
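
The wrapper described in the post above, sketched in C as an added example; it is not the poster's code. The trusted gid, every path, the name table and the function names are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* All three values are assumed for this example, not taken from the post. */
#define TRUSTED_GID 100                              /* group allowed to shell out */
#define SAFE_PATH   "/usr/local/restricted/bin"      /* only what vi needs */
#define NO_SHELL    "/usr/local/restricted/noshell"  /* prints a refusal, exits 1 */

/* Hard-link name -> real executable (assumed locations). */
static const struct { const char *name, *real; } targets[] = {
    { "vi",   "/usr/lib/real/vi"   },
    { "view", "/usr/lib/real/view" },
};

/* Pick the real program from argv[0]; NULL means "not a protected name". */
const char *real_target(const char *argv0)
{
    const char *base = strrchr(argv0, '/');
    base = base ? base + 1 : argv0;
    for (size_t i = 0; i < sizeof targets / sizeof targets[0]; i++)
        if (strcmp(base, targets[i].name) == 0)
            return targets[i].real;
    return NULL;
}

/* Trusted group: environment untouched (returns 0). Everyone else: SHELL and
   PATH are overwritten (returns 1). Returns -1 if either could not be set. */
int restrict_env(gid_t gid)
{
    if (gid == TRUSTED_GID)
        return 0;
    if (setenv("SHELL", NO_SHELL, 1) != 0 || setenv("PATH", SAFE_PATH, 1) != 0)
        return -1;
    return 1;
}

int main(int argc, char *argv[])
{
    (void)argc;
    const char *real = real_target(argv[0]);
    /* Fail closed: unknown name or a failed setenv means nothing is run. */
    if (real == NULL || restrict_env(getgid()) < 0) {
        fprintf(stderr, "wrapper: refusing to run %s\n", argv[0]);
        return 1;
    }
    execv(real, argv);   /* returns only on failure */
    perror(real);
    return 127;
}
```

The wrapper fixes only the environment the editor starts with; settings changed inside the editor are outside its control.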