Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/3/84; site maynard.UUCP Path: utzoo!linus!alliant!maynard!campbell From: campbell@maynard.UUCP (Larry Campbell) Newsgroups: net.news Subject: Re: Re: Response to <214@randvax.UUCP> <474@zaphod.UUCP> <2322@phri.UUCP> Message-ID: <295@maynard.UUCP> Date: Wed, 14-May-86 00:45:34 EDT Article-I.D.: maynard.295 Posted: Wed May 14 00:45:34 1986 Date-Received: Fri, 16-May-86 01:55:19 EDT References: <214@randvax> <855@ttrdc> Organization: The Boston Software Works Inc., Maynard, MA Lines: 32 > >> Barry Shein > > me > Dan Levy me again > >> Obviously making a chroot'd account with a private bin, usr/bin and > >> usr/ucb (if applicable) would make this much, much safer. One could > >> also carefully limit the commands (is there any good reason for an > >> unshar to ever do an 'rm'? you could put 'rm' somewhere else for use > >> within this account.) ... > >> -Barry Shein, Boston University > >This code already exists, I think... "uuhosts" comes with a program > >called "mapsh" that chroots to a specified directory and then execs an > >arbitrary program. You just need to pipe the shar archive into a > >"mapsh /bin/sh". All we need is to standardize on what set of > >programs need to be available to shar scripts (many sites don't have > >the disk space to have two copies of everything in /usr/bin, and you > >*don't* want to use links for obvious reasons). > >Larry Campbell The Boston Software Works, Inc. > It's not very obvious to me (why links won't do) unless the shar archive must > be run as 'root' or some other account that has the privilege to overwrite the > linked executables. > | dan levy | yvel nad | my own and are not at all those of my em- You're right, there's no reason not to use links, although on a non-BSD system they might not be possible since they might cross filesystems. -- Larry Campbell The Boston Software Works, Inc. ARPA: maynard.UUCP:campbell@harvard.ARPA 120 Fulton Street UUCP: {harvard,cbosgd}!wjh12!maynard!campbell Boston MA 02109