Re: restricted bash (rbash)

Hi! In article <[EMAIL PROTECTED]>, Nick Clifford <[EMAIL PROTECTED]> wrote: >Personally, a chroot jail is the only thing I trust when I need to setup >an isolated or restricted environment. Its difficult to break out of a >chroot jail even when you are root, but it can be done. So ensure they >

Re: restricted bash (rbash)

Hi! In article <[EMAIL PROTECTED]>, Nick Clifford <[EMAIL PROTECTED]> wrote: >Personally, a chroot jail is the only thing I trust when I need to setup >an isolated or restricted environment. Its difficult to break out of a >chroot jail even when you are root, but it can be done. So ensure they

Re: restricted bash (rbash)

On Thu, Nov 16, 2000 at 09:02:33AM -0200, Pedro Zorzenon Neto wrote: > I forgot one thing about all this... > > All about the restricted bash could be useless if you forget to > lock the ftp acount of the restricted users. > > You can avoid them to edit and create shell scripts inside their

Re: restricted bash (rbash)

I forgot one thing about all this... All about the restricted bash could be useless if you forget to lock the ftp acount of the restricted users. You can avoid them to edit and create shell scripts inside their telnet session, but if you forget to lock their ftp session ... they could p

Re: restricted bash (rbash)

On Thu, Nov 16, 2000 at 09:02:33AM -0200, Pedro Zorzenon Neto wrote: > I forgot one thing about all this... > > All about the restricted bash could be useless if you forget to > lock the ftp acount of the restricted users. > > You can avoid them to edit and create shell scripts inside thei

Re: restricted bash (rbash)

I forgot one thing about all this... All about the restricted bash could be useless if you forget to lock the ftp acount of the restricted users. You can avoid them to edit and create shell scripts inside their telnet session, but if you forget to lock their ftp session ... they could

Re: restricted bash (rbash)

Hi, On 15 Nov 2000, Peter Cordes <[EMAIL PROTECTED]> wrote: > > > Jochen, > > > > mkdir /usr/local/bin/restricted;ln -s > > /usr/local/bin/restricted/;... > > > > export PATH=/usr/local/bin/restricted;exec rbash > > > > ...boom. Now only the commands you want the user to be able to ru

Re: restricted bash (rbash)

Hi, On 15 Nov 2000, Peter Cordes <[EMAIL PROTECTED]> wrote: > > > Jochen, > > > > mkdir /usr/local/bin/restricted;ln -s > > /usr/local/bin/restricted/;... > > > > export PATH=/usr/local/bin/restricted;exec rbash > > > > ...boom. Now only the commands you want the user to be able to r

FW: restricted bash (rbash)

Subject: Re: restricted bash (rbash) On Tue, Nov 14, 2000 at 04:34:33PM +0100, Jan Martin Mathiassen wrote: > On Tue, Nov 14, 2000 at 01:30:57PM -0200, Pedro Zorzenon Neto wrote: > > I put /bin/rbash as the default shell (in /etc/passwd) for some users that > > I just want them to u

FW: restricted bash (rbash)

: restricted bash (rbash) On Tue, Nov 14, 2000 at 04:34:33PM +0100, Jan Martin Mathiassen wrote: > On Tue, Nov 14, 2000 at 01:30:57PM -0200, Pedro Zorzenon Neto wrote: > > I put /bin/rbash as the default shell (in /etc/passwd) for some users that > > I just want them to use a r

Re: restricted bash (rbash)

$ /bin/sh rbash: /bin/sh: restricted: cannot specify `/' in command names Francois, if you want to know more about rbash, take a look at: http://igbt.sel.eesc.sc.usp.br/cgi-bin/dwww?type=man&location=/usr/share/man/man1/rbash.1.gz Bye On Wed, Nov 15, 2000 at 08:11:23PM +0100, Francois Cerbelle

Re: restricted bash (rbash)

On Wed, Nov 15, 2000 at 12:08:30AM -0800, Alexander Hvostov wrote: > Jochen, > > mkdir /usr/local/bin/restricted;ln -s > /usr/local/bin/restricted/;... > > export PATH=/usr/local/bin/restricted;exec rbash > > ...boom. Now only the commands you want the user to be able to run will be > available

Re: restricted bash (rbash)

$ /bin/sh rbash: /bin/sh: restricted: cannot specify `/' in command names Francois, if you want to know more about rbash, take a look at: http://igbt.sel.eesc.sc.usp.br/cgi-bin/dwww?type=man&location=/usr/share/man/man1/rbash.1.gz Bye On Wed, Nov 15, 2000 at 08:11:23PM +0100, Francois Cerbell

Re: restricted bash (rbash)

On Wed, Nov 15, 2000 at 12:08:30AM -0800, Alexander Hvostov wrote: > Jochen, > > mkdir /usr/local/bin/restricted;ln -s > /usr/local/bin/restricted/;... > > export PATH=/usr/local/bin/restricted;exec rbash > > ...boom. Now only the commands you want the user to be able to run will be > availabl

Re: restricted bash (rbash)

That worked really well. I changed in /etc/passwd home directory of my restricted users to: /usr/local/bin/restricted users's shell to: /bin/rbash And created .bashrc .bash_profile in /usr/local/bin/restricted with: export PATH=~ Then I put the commands I want to

Re: restricted bash (rbash)

That worked really well. I changed in /etc/passwd home directory of my restricted users to: /usr/local/bin/restricted users's shell to: /bin/rbash And created .bashrc .bash_profile in /usr/local/bin/restricted with: export PATH=~ Then I put the commands I want to

Re: restricted bash (rbash)

On Tue, Nov 14, 2000 at 03:51:56PM +, Colin Phipps wrote: : On Tue, Nov 14, 2000 at 04:34:33PM +0100, Jan Martin Mathiassen wrote: : > On Tue, Nov 14, 2000 at 01:30:57PM -0200, Pedro Zorzenon Neto wrote: : > > I put /bin/rbash as the default shell (in /etc/passwd) for some users that : > > I

Re: restricted bash (rbash)

Jochen, mkdir /usr/local/bin/restricted;ln -s /usr/local/bin/restricted/;... export PATH=/usr/local/bin/restricted;exec rbash ...boom. Now only the commands you want the user to be able to run will be available. Shell scripts, however, continue to work fine, since their `hash bang' doesn't pay

Re: restricted bash (rbash)

On Tue, Nov 14, 2000 at 03:51:56PM +, Colin Phipps wrote: : On Tue, Nov 14, 2000 at 04:34:33PM +0100, Jan Martin Mathiassen wrote: : > On Tue, Nov 14, 2000 at 01:30:57PM -0200, Pedro Zorzenon Neto wrote: : > > I put /bin/rbash as the default shell (in /etc/passwd) for some users that : > > I

Re: restricted bash (rbash)

On Wed, Nov 15, 2000 at 03:32:20PM +1300, Nick Clifford wrote: > Pedro Zorzenon Neto wrote: > > > Hi, all > > > > I put /bin/rbash as the default shell (in /etc/passwd) for some users > > that > > I just want them to use a restricted login. > > > > > > Ok, I'm assuming you only want users who

Re: restricted bash (rbash)

Jochen, mkdir /usr/local/bin/restricted;ln -s /usr/local/bin/restricted/;... export PATH=/usr/local/bin/restricted;exec rbash ...boom. Now only the commands you want the user to be able to run will be available. Shell scripts, however, continue to work fine, since their `hash bang' doesn't pay

Re: restricted bash (rbash)

On Wed, Nov 15, 2000 at 03:32:20PM +1300, Nick Clifford wrote: > Pedro Zorzenon Neto wrote: > > > Hi, all > > > > I put /bin/rbash as the default shell (in /etc/passwd) for some users > > that > > I just want them to use a restricted login. > > > > > > Ok, I'm assuming you only want users wh

Re: restricted bash (rbash)

Pedro Zorzenon Neto wrote: > Hi, all > > I put /bin/rbash as the default shell (in /etc/passwd) for some users > that > I just want them to use a restricted login. > Ok, I'm assuming you only want users who have this shell to only be able to access certian things, run only a limited set of co

Re: restricted bash (rbash)

Pedro Zorzenon Neto wrote: > Hi, all > > I put /bin/rbash as the default shell (in /etc/passwd) for some users > that > I just want them to use a restricted login. > Ok, I'm assuming you only want users who have this shell to only be able to access certian things, run only a limited set of c

Re: restricted bash (rbash)

Hi, On 14 Nov 2000, Pedro Zorzenon Neto <[EMAIL PROTECTED]> wrote: > > When the user logs in, rbash is being executed and the restricted login is > working well. But, if the user executes 'bash', everything becames > unrestricted. > > How can I deny the execution of shells inside rb

Re: restricted bash (rbash)

On Tue, Nov 14, 2000 at 04:34:33PM +0100, Jan Martin Mathiassen wrote: > On Tue, Nov 14, 2000 at 01:30:57PM -0200, Pedro Zorzenon Neto wrote: > > I put /bin/rbash as the default shell (in /etc/passwd) for some users that > > I just want them to use a restricted login. > > > > When the user log

restricted bash (rbash)

Hi, all I put /bin/rbash as the default shell (in /etc/passwd) for some users that I just want them to use a restricted login. When the user logs in, rbash is being executed and the restricted login is working well. But, if the user executes 'bash', everything becames unrestricted. How can

Re: restricted bash (rbash)

Hi, On 14 Nov 2000, Pedro Zorzenon Neto <[EMAIL PROTECTED]> wrote: > > When the user logs in, rbash is being executed and the restricted login is > working well. But, if the user executes 'bash', everything becames unrestricted. > > How can I deny the execution of shells inside rbas

Re: restricted bash (rbash)

On Tue, Nov 14, 2000 at 04:34:33PM +0100, Jan Martin Mathiassen wrote: > On Tue, Nov 14, 2000 at 01:30:57PM -0200, Pedro Zorzenon Neto wrote: > > I put /bin/rbash as the default shell (in /etc/passwd) for some users that > > I just want them to use a restricted login. > > > > When the user lo

restricted bash (rbash)

Hi, all I put /bin/rbash as the default shell (in /etc/passwd) for some users that I just want them to use a restricted login. When the user logs in, rbash is being executed and the restricted login is working well. But, if the user executes 'bash', everything becames unrestricted. How ca