[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Restricted Shell with PINE access

To: David Chima <david at sdnp.org.mw>
Subject: Re: Restricted Shell with PINE access
From: Brian Candler <B.Candler at pobox.com>
Date: Mon, 10 Feb 2003 15:49:44 +0000
Cc: afnog at afnog.org
Content-Disposition: inline
Content-Type: text/plain; charset=us-ascii
Delivered-To: afnog-archive at lists.eahd.or.ug
Delivered-To: afnog-outgoing at afnog.org
Delivered-To: afnog at afnog.org
In-Reply-To: <3E47DEBB.6469.A4F0DFD at localhost>; from david at sdnp.org.mw on Mon, Feb 10, 2003 at 05:17:47PM +0200
References: <3E47DEBB.6469.A4F0DFD at localhost>
Sender: owner-afnog at afnog.org
User-Agent: Mutt/1.2.5i

On Mon, Feb 10, 2003 at 05:17:47PM +0200, David Chima wrote:
> Hello,
> I want to have a restricted shell on one of my mail servers. I chose to use a restricetd
> bash. But I want my users to only run pine and see their mail, compose and send. Is
> there a way I would do this?

Doing this properly is hard.

You can make their shell actually _be_ pine itself - i.e. when they login
they go straight into pine. Just put /usr/local/bin/pine in the shell field
in the password file. The problem is that pine may have an option to allow
them to drop out into a shell.

So, you could make their shell be a script which invokes pine with some
options, e.g.

#!/bin/sh
exec pine --some-flag-to-stop-them-shelling-out

There are probably lots of other holes you'd need to tie down though - for
example to stop the user choosing their own text editor, and then shelling
out from inside the text editor, and to stop them creating a .pinerc with
options in it which could get them a shell.

If your users are relatively unsophisticated, though, this may be sufficient
for your needs; that is, if you are trying to keep them out of the shell to
stop them getting confused, not for any sense of "security".

If security is the concern - then you *must* assume that the user will be
able to get a shell. So limit them in the same way you would any shell user:
set ulimit so that they can't steal all the resources on the box, lock down
file permissions so that they can't see what you don't want them to see
(e.g. chown home directories to 700 so that user A can't see user B's
files), and so on.

At worst, you could consider running each user in a jail(8) - but that
involves having a separate copy of all the system libraries in each user's
home directory, and is probably more trouble than it's worth.

Regards,

Brian.

-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org

References:
- Restricted Shell with PINE access
  - From: "David Chima" <david at sdnp.org.mw>
- Restricted Shell with PINE access
  - From: "David Chima" <david at sdnp.org.mw>

Prev by Date: Restricted Shell with PINE access
Next by Date: Login problems in redhat 7.1
Prev by thread: Restricted Shell with PINE access
Next by thread: Login problems in redhat 7.1
Index(es):
- Date
- Thread