Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!ucsd!ucbvax!ORION.CERFACS.FR!farestam
From: farestam@ORION.CERFACS.FR (Stefan Farestam)
Newsgroups: comp.sys.sgi
Subject: Re:  /bin/rsh question
Message-ID: <9106300137.AA08984@ultima.cerfacs.fr>
Date: 30 Jun 91 01:37:24 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 27


   I guess the way to do this is to create a /usr/rbin directory, in
   which you put links to the executables that you want the restricted
   shell to access. Then you set the path of the restricted shell to
   only contain /usr/rbin. I think it is also advisable to create a
   subdirectory in the home directory of the restricted user which you
   place him in whe logging in. A sample .profile for a restricted shell
   could look like:

echo 'Available commands: talk, write and who'
/bin/echo 'tutor logged on '`date` from $REMOTEHOST '\n'\
          `finger @$REMOTEHOST`\
          | mail farestam
PATH=/usr/rbin
trap '.logout' 0
cd sorry


      /Stefan


   .................................................................   
 .             Stefan Farestam    <farestam@cerfacs.fr>              .
.   __ __  __ _  _ _                                                  .
.  /  |_ )|_ /_\/ (          European Centre for Research and         .
 . \_ |__\| /   \__)    Advanced Training in Scientific Computation  .
   .................................................................