Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83 (MC840302); site boring.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!allegra!bellcore!decvax!linus!philabs!cmcl2!seismo!mcvax!boring!jack
From: jack@boring.UUCP
Newsgroups: net.unix-wizards
Subject: Re: disallowing subshell in More
Message-ID: <6317@boring.UUCP>
Date: Tue, 12-Feb-85 08:27:59 EST
Article-I.D.: boring.6317
Posted: Tue Feb 12 08:27:59 1985
Date-Received: Sat, 16-Feb-85 06:08:00 EST
References: <346@haddock.UUCP>
Reply-To: jack@boring.UUCP (Jack Jansen)
Organization: CWI, Amsterdam
Lines: 22
Summary: 
Apparently-To: rnews@mcvax.LOCAL


I thought I'd throw in my 10 cents worth :
Setting $SHELL is *NOT* going to work.

I remember using a games account, with SHELL set to something
funny. The way to get a shell was the following :
- Run a game that gave help.
- Ask for the helpfile (which was, of course, given to more)
- Startup 'vi' with the v command.
- do a ':set shell=/bin/sh'
- Type ':sh'
Et voila........

If you *really* want to make more secure, you should either use
chroot() to move the superuser off into the void (preferably
into a directory that cannot be reached by normal users),
or get rid of superuser permissions as soon as possible, e.g.
after opening all the files you need, do a fork(), a setuid(),
and then do with the files whatever you want.
-- 
	Jack Jansen, {decvax|philabs|seismo}!mcvax!jack
Notice new, improved, faster address         ^^^^^