Christopher Howard wrote:
>
> However, someone had suggested to me that the program would be a nifty way
> for some companies to allow untrusted users to have access to some
> programs inside a shell account, without actually having full access to
> the shell. (The program can be called by the profile, so that it is the
> first thing that opens when a users logs in via ssh.)
>
> I think this could work. The issue is (as I have verified through
> testing), is that if a user simply sets his TERM variable to something
> nonsensical before logging in, the program will die and the user will have
> immediate access to the shell. (Which is not what the company wanted.)
>
Ah.. how are the users shells set up? Just /bin/bash in /etc/passwd?
Something similar?
Shane
-- Attached file included as plaintext by Ecartis --
-- File: signature.asc
-- Desc: OpenPGP digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkl8mGUACgkQXK/vGhypreJMbQCfVxFfBxVLwLvvGVLfTOC1cSYg
pU4AnRX9XMGdWQtQ1Z9v7mLx2+QRXRPI
=uTtS
-----END PGP SIGNATURE-----
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sun Jan 25 07:50:58 2009
This archive was generated by hypermail 2.1.8 : Sun Jan 25 2009 - 07:50:59 AKST