Path: utzoo!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!tut.cis.ohio-state.edu!zaphod.mps.ohio-state.edu!brutus.cs.uiuc.edu!apple!oliveb!orc!mipos3!omepd!merlyn
From: merlyn@iwarp.intel.com (Randal Schwartz)
Newsgroups: comp.unix.wizards
Subject: Re: Secure (regular) Scripts_
Message-ID: <5381@omepd.UUCP>
Date: 22 Dec 89 16:42:01 GMT
References: <9100020@m.cs.uiuc.edu> <1078@st_nik.UUCP>
Sender: news@omepd.UUCP
Reply-To: merlyn@iwarp.intel.com (Randal Schwartz)
Organization: Stonehenge; netaccess via Intel, Hillsboro, Oregon, USA
Lines: 23
In-reply-to: nik@st_nik.UUCP (Nik Simpson x333)

In article <1078@st_nik.UUCP>, nik@st_nik (Nik Simpson x333) writes:
|
| I encountered this problem writing some menu based code a couple of
| years ago, in most cases programs that allow a shell escape seem to check
| the value of the shell variable SHELL, and exec this as the shell. If
| you change SHELL either using putenv if you are working in executable
| or
|     SHELL="something harmless";export SHELL
|
| In a script this disables shell escapes from most well behaved programs
| in my experience.

Except in 'vi'. You can ":set shell=/bin/sh" any'ol' time.

As has been said before, you need a completely separate environment to
get complete security, and this is no exception.

Just another security weenie,
--
/== Randal L. Schwartz, Stonehenge Consulting Services (503)777-0095 ====\
| on contract to Intel's iWarp project, Hillsboro, Oregon, USA, Sol III  |
| merlyn@iwarp.intel.com ...!uunet!iwarp.intel.com!merlyn                |
\== Cute Quote: "Welcome to Oregon... Home of the California Raisins!" ==/
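
The point of the exchange above, as an added shell sketch that is not part of the original post: exporting a harmless SHELL only constrains programs that consult it. The function names are hypothetical, and the two "programs" are constructed models, not code from vi or any real tool.

```shell
#!/bin/sh
# Added illustration. All function names are hypothetical and the "programs"
# below are constructed models, not code taken from vi or any other tool.

# What the menu script does before starting its children (from the post).
lock_down() {
    SHELL=${1:-/bin/false}
    export SHELL
}

# Model of a "well behaved" program: its shell escape runs whatever $SHELL
# names and falls back to /bin/sh only when SHELL is unset or empty.
escape_via_env() {
    "${SHELL:-/bin/sh}" -c "$1"
}

# Model of a program with its own shell option (the reply's vi example,
# ":set shell=/bin/sh"): a value set inside the program beats the environment.
escape_via_option() {
    option_shell=$1
    "${option_shell:-${SHELL:-/bin/sh}}" -c "$2"
}

# Report whether an escape really executed the command: "ran" or "blocked".
probe() {
    if out=$("$@" 2>/dev/null) && [ "$out" = "marker" ]; then
        echo ran
    else
        echo blocked
    fi
}

# Check all three cases in a subshell so the caller's own SHELL is untouched.
audit() {
    (
        lock_down
        echo "honours SHELL:           $(probe escape_via_env 'echo marker')"
        echo "own option, left unset:  $(probe escape_via_option '' 'echo marker')"
        echo "own option, set by user: $(probe escape_via_option /bin/sh 'echo marker')"
    )
}

audit
```

Only the first two cases are stopped by the exported variable; the third is why the reply asks for a completely separate environment instead.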