Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!cs.utexas.edu!sun-barr!newstop!east!playroom!cliffs From: cliffs@sun.com (Clifford C. Skolnick) Newsgroups: comp.unix.wizards Subject: Re: Secure (regular) Scripts_ Message-ID: Date: 19 Dec 89 16:21:12 GMT References: <9100020@m.cs.uiuc.edu> Sender: news@playroom.UUCP Lines: 46 In-reply-to: carey@m.cs.uiuc.edu's message of 19 Dec 89 01:38:49 GMT I'll tell you what I did at a former job. It's ugly, but it worked. What we did was check argv[0][0] in the shell to see if it was a "-", which will usually signifies a login shell. If it was not equal, we would check the uid to see if it matched a list of uid's to not allow interactive shell access. This did break some things, like runing "grep" and "awk" stuff out of vi. I also remember rn "follow-up" feature breaking. There were many others, but this was better than nothing. You can also place this in a wrapper on the real /bin/sh if you do not have source. In article <9100020@m.cs.uiuc.edu> carey@m.cs.uiuc.edu writes: Path: playroom!east!newstop!sun-barr!apple!mips!zaphod.mps.ohio-state.edu!brutus.cs.uiuc.edu!ux1.cso.uiuc.edu!ux1.cso.uiuc.edu!m.cs.uiuc.edu!carey From: carey@m.cs.uiuc.edu Newsgroups: comp.unix.wizards Date: 19 Dec 89 01:38:49 GMT Lines: 21 Nf-ID: #N:m.cs.uiuc.edu:9100020:000:1071 Nf-From: m.cs.uiuc.edu!carey Dec 18 10:42:00 1989 I have made a guest login on one of our machines, for outside people to get access to some notesfiles and send mail to users and things like that. It runs a shell script (bourne shell), which allows the guest user to choose from a menu of things to do. I want to keep people in this shell script, and not allow them to have access to a regular shell. One thing I have tried to prevent is having people send interrupts and things like that to interrupt the shell script. Another big problem is that many things, like notes, mail, and even editors, have "shell escapes" built into them. Is there any way to prevent people from using these shell escapes, or at least having them not be able to do anything once they have done it? Do I have to rewrite mail and editors, to disable the shell escapes? I wanted to avoid using the "rsh" (restricted shell) since that is kind of an administrative hassle. It would be better than rewriting editors. The best thing would be some kind of trick to have them end up in a black hole somewhere when they do a shell escape. -- Cliff Skolnick cliffs@sun.com Sun Microsystems Inc. (I only work for them. I do not speak for them) "The floggings will continue until morale improves"