From owner-freebsd-questions Fri Jul 12 03:12:34 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id DAA24749 for questions-outgoing; Fri, 12 Jul 1996 03:12:34 -0700 (PDT) Received: from hustle.rahul.net (hustle.rahul.net [192.160.13.2]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id DAA24739 for ; Fri, 12 Jul 1996 03:12:30 -0700 (PDT) Received: by hustle.rahul.net with UUCP id AA23582 (5.67b8/IDA-1.5 for questions@FreeBSD.ORG); Fri, 12 Jul 1996 03:08:44 -0700 Received: (from jim@localhost) by starshine (8.6.11/8.6.9) id DAA02053; Fri, 12 Jul 1996 03:06:56 -0700 From: Jim Dennis Message-Id: <199607121006.DAA02053@starshine> Subject: Re: Restricted shell for Web users To: paul@nation-net.com (Paul Walsh) Date: Fri, 12 Jul 1996 03:06:55 -0700 (PDT) Cc: questions@FreeBSD.ORG In-Reply-To: <31E4D747.16C9@nation-net.com> from "Paul Walsh" at Jul 11, 96 11:28:23 am X-Mailer: ELM [version 2.4 PL24] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > > Can anyone advise on configuring a shell account suitable for commercial > users of a web server offering rented space, access via ftp/telnet and > standard apps like perl would need to be available. Most of these seem to offer ftp access only (using "sticky bit" directories - and/or possibly wu-ftp "guest group" facilities) > Mail accounts aren't needed, just forwarding. > I've heard there is such a thing as a virtual shell? It sounds like just > what I need!! If you insist on allowing telnet into it (and poviding a shell account) you might look at the 'restricted shell' (I think there is a command line option on Bourne or Korn and support for it automatically assume this option if called via the name 'rsh' -- i.e. via a hardlink). The restrictions an this 'rsh' ('jsh'???) are something like: can't change directory, can't set/unset any variables, can't create any shell functions or aliases, etc. If you find out more (like an FAQ on them) I'd like to hear about it.