Path: utzoo!utgpu!attcan!uunet!ncc!augate!lyndon
From: lyndon@auvax.uucp (Lyndon Nerenberg)
Newsgroups: comp.unix.wizards
Subject: Re: Restricted shell (was Re: rsh environment)
Summary: Security? WHAT security?
Keywords: no /etc/profile sourced?
Message-ID: <425@aurora.auvax.uucp>
Date: 29 Dec 88 05:01:41 GMT
References: <1276@uwbull.uwbln.UUCP> <14640@cisunx.UUCP> <901@philmds.UUCP> <278@dcs.UUCP>
Reply-To: lyndon@auvax.UUCP (Lyndon Nerenberg)
Organization: Athabasca University
Lines: 34

In article <278@dcs.UUCP> wnp@dcs.UUCP (Wolf N. Paul) writes:
>Some notes: sh and rsh are links to the same binary, with "sh -r" being
>equivalent to an invocation of rsh. "set -r" after the shell has started
>also has the same effect, as Leo's demo showed. The manual further points out
>that shell scripts are executed using standard sh, thus the restriction can
>probably be gotten around.

No kidding :-)

Script started on Wed Dec 28 21:54:59 1988
(9:55pm) aurora:/nfs/aurora2/lyndon% sh -r
$ pwd
/nfs/aurora2/lyndon
$ cd ..
cd: restricted
$ sh
$ pwd
/nfs/aurora2/lyndon
$ cd ..
$ pwd
/nfs/aurora2
(9:55pm) aurora:/nfs/aurora2/lyndon% exit
script done on Wed Dec 28 21:55:41 1988

The only way to make this work properly is to modify sh to always
run restricted mode, and make sure the user's path has this version
of sh in front of /bin/sh. You can also make sh a disabled 'builtin'
command when you're running restricted. Either way, shell scripts
start to act strange ...

--
Lyndon Nerenberg
Computing Services
Athabasca University
{alberta, attvcr, ncc}!auvax!lyndon || lyndon@nexus.ca
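
Added example, not part of the original post or of any sh distribution: a PATH audit for a restricted account that checks which `sh` a bare command name resolves to, as the post recommends, and goes one step further by flagging any other shell reachable by name. The names `SHELL_NAMES`, `first_in_path`, `reachable_shells` and the temporary `rbin`/`bin` tree are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the PATH handed to a restricted-shell account.
# SHELL_NAMES is an assumed list of shell names; extend it for your site.
SHELL_NAMES="sh bash dash ksh csh tcsh zsh ash"

# first_in_path NAME PATHLIST: print the first executable NAME in PATH order.
first_in_path() {
    name=$1
    old_ifs=$IFS; IFS=:
    for dir in $2; do
        [ -n "$dir" ] || dir=.    # empty PATH entry means current directory
        if [ -x "$dir/$name" ] && [ ! -d "$dir/$name" ]; then
            IFS=$old_ifs
            printf '%s\n' "$dir/$name"
            return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# reachable_shells PATHLIST ALLOWED: print each shell a bare command name
# would start, except ALLOWED (the always-restricted sh).
reachable_shells() {
    for name in $SHELL_NAMES; do
        hit=$(first_in_path "$name" "$1") || continue
        [ "$hit" = "$2" ] || printf '%s\n' "$hit"
    done
}

# Constructed demo tree: rbin/sh stands in for the always-restricted sh,
# bin/sh and bin/ksh for the stock shells.
demo() {
    t=$(mktemp -d) || return 1
    mkdir "$t/rbin" "$t/bin"
    for f in "$t/rbin/sh" "$t/bin/sh" "$t/bin/ksh"; do
        printf '#!/bin/sh\n' > "$f"; chmod +x "$f"
    done
    echo "stock sh first:";      reachable_shells "$t/bin:$t/rbin" "$t/rbin/sh"
    echo "restricted sh first:"; reachable_shells "$t/rbin:$t/bin" "$t/rbin/sh"
    rm -rf "$t"
}
demo
```

An empty result from `reachable_shells` means every shell name on that PATH resolves to the restricted binary or to nothing at all.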