Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!iuvax!rutgers!cmcl2!adm!smoke!ibd!heilpern
From: heilpern@ibd.BRL.MIL (Mark A. Heilpern )
Newsgroups: comp.unix.wizards
Subject: Re: Restricted shell (was Re: rsh environment)
Keywords: no /etc/profile sourced?
Message-ID: <227@ibd.BRL.MIL>
Date: 27 Dec 88 16:06:17 GMT
References: <1276@uwbull.uwbln.UUCP> <14640@cisunx.UUCP> <901@philmds.UUCP>
Reply-To: heilpern@brl.arpa (Mark A. Heilpern (IBD) <heilpern>)
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 24

In article <901@philmds.UUCP> leo@philmds.UUCP (Leo de Wit) writes:

>I'm interested both in what restriction means in System V, and whether
>there is any documentation about -r (set -r, sh -r) for the BSD /bin/sh.
>Furthermore I'm interested in hearing about its use (for what, and how).
>
>        Leo.

In general, you would want to set up a restricted user, perhaps using the
computer to operate automated equiptment. (Though I can't justify the
need for a shell rather than a well written control program.)
You would set up a sub-structure complete with a home directory and a
home/bin directory. The user would (obviously) be placed in the home
directory upon login, the PATH set to home/bin. (S)he could then use
the commands/programs inside the home/bin directory, yet would not be able
to change directory (to poke around the system, etc.) or use commands
not authorized.
--
These are my opinions and you can't have them.

-- 
 |\/|         |
 |  |   _     |<
/    \_(_(_)\_/ \______