From owner-freebsd-security Fri Jul 10 11:18:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA17600 for freebsd-security-outgoing; Fri, 10 Jul 1998 11:18:39 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from infowest.com (infowest.com [204.17.177.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA17595 for ; Fri, 10 Jul 1998 11:18:38 -0700 (PDT) (envelope-from agifford@infowest.com) Received: from infowest.com (eq.net [207.49.60.250]) by infowest.com (8.8.8/8.8.8) with ESMTP id MAA09049 for ; Fri, 10 Jul 1998 12:18:02 -0600 (MDT) Message-ID: <35A65AD0.438A6F28@infowest.com> Date: Fri, 10 Jul 1998 12:17:52 -0600 From: "Aaron D. Gifford" X-Mailer: Mozilla 4.05 [en] (X11; U; FreeBSD 2.2.6-STABLE i386) MIME-Version: 1.0 To: security@FreeBSD.ORG Subject: a chroot() shell wrapper Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I'm a relative newbie in coding for security, but I threw together a chroot() wrapper last night that is used as a user's shell. It chroot()s to a jail and runs another shell in the jail. It seems pretty straightforward, but I suspect I've missed some obvious things. I've got it online at http://www.eq.net/software/chrsh.c -- I called it chrsh but there's probably something already named that, though a quick web search didn't find anything. I was considering using rsh (the restricted shell), but it looked like it didn't do a chroot() jail, which is what I wanted. If you download it and look at it, please let me know if you notice any glaring errors or omissions. It seems to work on my own FreeBSD 2.2.6-STABLE system. Even though I searched and didn't notice anything, I GREATLY suspect I just reinvented the wheel. If so, please let me know and point me in the right direction. :) Aaron out. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message