restricted shell - Security

This is a discussion on restricted shell - Security ; Dear all, this is what i have read in the book ubuntu linux unleashed, if you have a desire to severly restrict what a user can do, you can provide him with a restricted shell. to run a restricted bash ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: restricted shell

  1. restricted shell


    Dear all,

    this is what i have read in the book ubuntu linux unleashed,

    if you have a desire to severly restrict what a user can do, you can
    provide him with a restricted shell. to run a restricted bash shell,
    you would use the -r option

    ex:- bash -r

    then try to do something that you could do as a regular user, such as
    ls -a,

    you will then see

    bash: ls: no such file or directory


    now my question is suppose i have my shell restricted, how to make it
    back un restricted ?

  2. Re: restricted shell

    On 09.07.2008, sulekhasweety@gmail.com wrote:
    >
    > Dear all,
    >
    > this is what i have read in the book ubuntu linux unleashed,
    >
    > if you have a desire to severly restrict what a user can do, you can
    > provide him with a restricted shell. to run a restricted bash shell,
    > you would use the -r option
    >
    > ex:- bash -r
    >
    > then try to do something that you could do as a regular user, such as
    > ls -a,
    >
    > you will then see
    >
    > bash: ls: no such file or directory
    >
    >
    > now my question is suppose i have my shell restricted, how to make it
    > back un restricted ?


    You can't. But you can search for a program, which can execute other
    programs. If you can't find out the rest, then you don't deserve
    unrestricted shell.

    --
    Secunia non olet.
    Stanislaw Klekot

  3. Re: restricted shell

    sulekhasweety@gmail.com wrote:
    > Dear all,
    >
    > this is what i have read in the book ubuntu linux unleashed,
    >
    > if you have a desire to severly restrict what a user can do, you can
    > provide him with a restricted shell. to run a restricted bash shell,
    > you would use the -r option


    You may also want to consider creating a bash with an AppArmor
    profile. That will allow you to customize what a user can and
    cannot do. AppArmor is not hard to use... but there is a learning
    curve.

    >
    > ex:- bash -r
    >
    > then try to do something that you could do as a regular user, such as
    > ls -a,
    >
    > you will then see
    >
    > bash: ls: no such file or directory


    That's not a "restriction", that's just not having a PATH
    properly setup in the restricted shell.

    However, you will find a restricted shell to be pretty
    primitive... takes a bit of work to design things to
    work in the confines of a restricted shell environment.
    Knife cuts both ways... in some ways... I find the
    restricted shell to NOT be the answer to anything.

    >
    >
    > now my question is suppose i have my shell restricted, how to make it
    > back un restricted ?


    Exit that shell and executed a non-restricted shell



+ Reply to Thread