Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!sunybcs!neil
From: neil@sunybcs.UUCP
Newsgroups: comp.unix.wizards
Subject: Re: \"special\" shells a security hole?
Message-ID: <2260@sunybcs.UUCP>
Date: Sun, 8-Feb-87 01:21:18 EST
Article-I.D.: sunybcs.2260
Posted: Sun Feb  8 01:21:18 1987
Date-Received: Sun, 8-Feb-87 08:24:27 EST
References: <3953@brl-adm.ARPA> <2590002@hpisod2.HP> <3037@gitpyr.gatech.EDU>
Sender: nobody@sunybcs.UUCP
Reply-To: neil@joey.UUCP (Neil Smithline)
Organization: SUNY/Buffalo Computer Science
Lines: 22

In article <3037@gitpyr.gatech.EDU> robert@gitpyr.UUCP (Robert Viduya) writes:
->Actually, you can "disable" shell escapes from more(1) or ex(1) or any
->other program that follows conventions by simply setting the SHELL
->environment variable to a null program before executing the program.
-> ......
->Watch out for programs that allow shell escapes but ignore SHELL, though.
->I don't know of any that do, but that doesn't mean they don't exists.
->They're anti-social anyway.

You also have to worry about the EDITOR envariable as well.
Restricting someones shell but allowing them to choose their editor is
just as dangerous as allowing them to run the shell of their choice.
I don't know, but perhaps some programs use the VISUAL envariable for
a visual editor as well.

				Neil


Neil Smithline			
csnet:	neil@buffalo.CSNET
uucp:	..!{allegra,ames,decvax,watmath}!sunybcs!neil
bitnet:	neil@sunybcs.BITNET