From owner-freebsd-hackers  Sun May 25 14:50:59 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id OAA10915
          for hackers-outgoing; Sun, 25 May 1997 14:50:59 -0700 (PDT)
Received: from mail.cdsnet.net (mail.cdsnet.net [204.118.244.5])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA10909
          for <hackers@freebsd.org>; Sun, 25 May 1997 14:50:56 -0700 (PDT)
Received: from mail.cdsnet.net (mail.cdsnet.net [204.118.244.5])
          by mail.cdsnet.net (8.8.5/8.7.3) with SMTP id OAA16450
          for <hackers@freebsd.org>; Sun, 25 May 1997 14:50:55 -0700 (PDT)
Date: Sun, 25 May 1997 14:50:55 -0700 (PDT)
From: Jaye Mathisen  <mrcpu@cdsnet.net>
To: hackers@freebsd.org
Subject: Correct way to chroot for shell account users?
Message-ID: <Pine.NEB.3.95.970525144745.28807A-100000@mail.cdsnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



Anybody got any tips on how to write  a secure shell to exec on login to
set a users environment to the "right thing".

(I don't mean a rsh type secure shell, but rather a good secure thing
to have in /etc/master.passwd that execs the real shell in a chroot'd 
environment.).

Any code appreciated as well.  Thanks.