Christopher Howard wrote:
> On Sun, 25 Jan 2009, Shane R. Spencer wrote:
>
>> Christopher Howard wrote:
>>>
>>> However, someone had suggested to me that the program would be a
>>> nifty way
>>> for some companies to allow untrusted users to have access to some
>>> programs inside a shell account, without actually having full access to
>>> the shell. (The program can be called by the profile, so that it is the
>>> first thing that opens when a users logs in via ssh.)
>>>
>>> I think this could work. The issue is (as I have verified through
>>> testing), is that if a user simply sets his TERM variable to something
>>> nonsensical before logging in, the program will die and the user will
>>> have
>>> immediate access to the shell. (Which is not what the company wanted.)
>>>
>> Ah.. how are the users shells set up? Just /bin/bash in /etc/passwd?
>> Something similar?
>>
>> Shane
>>
>
> On my Debian systems it's '/bin/sh', though '/bin/sh' is just a shortcut
> to 'bash' in the same directory.
>
So you could probably replace the shell with your program, cool.
-- Attached file included as plaintext by Ecartis --
-- File: signature.asc
-- Desc: OpenPGP digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkl9QPEACgkQXK/vGhypreLadQCdE1CS4hqiDmTgtZHtlOzoEkRD
yuoAoJAwoUunepTvl/8g4L4ci2ZAwkRh
=j4rj
-----END PGP SIGNATURE-----
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sun Jan 25 19:50:08 2009
This archive was generated by hypermail 2.1.8 : Sun Jan 25 2009 - 19:50:08 AKST