doug <d...@fledge.watson.org> writes: > If you make a program a shell AFAIK to escape is to logff. Bash has a > chroot like facility that might work. However if you write a simple C > program as a wrapper for your shell script and make that program a > shell, I would think that is pretty secure.
As long as you don't call anything that can create an inferior shell. A common mistake when doing this kind of thing is to allow some file editing or mail reading, using programs that have a "shell escape" capability. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
