[Nottingham] What restricted shell for ftp? What idiot-user GUI
client?
Martin
martin at ml1.co.uk
Fri Feb 2 18:12:17 GMT 2007
Well, this scuppers rbash for any usefulness:
http://www.enterprisenetworkingplanet.com/netsecur/article.php/3640521
"Finally we come to the restricted shells. The most popular, rbash, is a
restricted bash shell. Setting a user's shell to rbash will provide
absolutely zero security. In theory, rbash will prevent users from
running anything by specifying a full path, including './' (the current
directory). This implies that it's difficult for users to run commands,
including scripts they write or downloaded exploits. Since $PATH is
controlled globally, users can only run things in those locations.
Unfortunately, /bin/ is going to need to be in their path, so all a user
needs to do is run a new shell, and rbash is no longer in the picture:
'exec bash'"
Any (easy-ish) better ways?
Cheers,
Martin
--
----------------
Martin Lomas
martin at ml1.co.uk
----------------
More information about the Nottingham
mailing list