Path: utzoo!utstat!helios.physics.utoronto.ca!jarvis.csri.toronto.edu!cs.utexas.edu!usc!ucsd!ucbvax!bloom-beacon!eru!luth!sunic!mcsun!ukc!sys.uea!cmp7130
From: cmp7130@sys.uea.ac.uk (R.M. O'Neill)
Newsgroups: news.software.nn
Subject: Re: Prohibiting Shell escapes from within NN
Keywords: secure environment
Message-ID: <1303@sys.uea.ac.uk>
Date: 19 Feb 90 12:31:45 GMT
References: <1990Feb16.115156.29745@me.toronto.edu>
Distribution: news
Organization: UEA, Norwich, UK
Lines: 25

eastick@me.utoronto.ca (Doug Eastick) writes:
>Has anyone hacked NN to disallow shell escapes?  If NN was to be used
>in a BBS environment, it would be nice if you could stop people from
>getting to the shell, vi, etc...
>
>"#ifdef RESTRICT_SHELL" in the appropriate places would be nice.
>
>Trying to avoid some work...

A solution to your problem may already exist, and work for other things
besides 'nn'. Do :-

setenv SHELL /bin/echo   (or /my-path/my-shell-escape-command-ignorer )

before entering nn.

As far as I can see (and I could be wrong) there is no way to change the
SHELL environment variable once in 'nn' - thus its secure.

   Richard,
-- 
+--------------------------------------------------------------------+
| #include <picture.h>	             | UUCP:  ..|ukc|uea-sys|cmp7130 |
| Richard O'Neill, UEA, Norwich, UK  | Janet: cmp7130@uk.ac.uea.sys  |
+--------------------------------------------------------------------+