Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!allegra!mit-eddie!genrad!panda!talcott!harvard!bbnccv!bbncca!aoa!mbr
From: mbr@aoa.UUCP (Mark Rosenthal)
Newsgroups: net.news.adm,net.news.sa,net.sources.d,net.wanted.sources
Subject: Re: Beware of Blindly Un-SHARing a File
Message-ID: <456@aoa.UUCP>
Date: Tue, 15-Apr-86 09:28:44 EST
Article-I.D.: aoa.456
Posted: Tue Apr 15 09:28:44 1986
Date-Received: Fri, 18-Apr-86 06:01:32 EST
References: <947@kitty.UUCP> <2407@prls.UUCP> <1439@garfield.columbia.edu>
Reply-To: mbr@aoa.UUCP (Mark Rosenthal)
Organization: Adaptive Optics Assoc., Cambridge, Mass. USA
Lines: 16
Keywords: ``Relink'' April Fool
Xref: watmath net.news.adm:595 net.news.sa:268 net.sources.d:114 net.wanted.sources:2173

In article <1439@garfield.columbia.edu> dupuy@columbia.UUCP (Alex Dupuy) writes:
>    Another thing which can be done in the short term is to unshar programs
>with something other than sh. ...
>I have
>some ideas on making it secure, including running suid to some innocuous user,
>limiting the programs which will be exec'd to cat, sed, wc, chmod, or uudecode,
>and always running in an empty subdirectory.  If anyone has other ideas, I'd be
>glad to hear them.

Another idea.  Don't just run it in an empty subdirectory.  Chroot to that
subdirectory.
-- 

	Mark of the Valley of Roses
	...!{decvax,linus,ima,ihnp4}!bbncca!aoa!mbr
	...!{wjh12,mit-vax}!biomed!aoa!mbr