From owner-freebsd-hackers Mon Sep 25 00:31:48 1995 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id AAA04262 for hackers-outgoing; Mon, 25 Sep 1995 00:31:48 -0700 Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id AAA04256 for ; Mon, 25 Sep 1995 00:31:44 -0700 Received: from sax.sax.de by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id IAA28628; Mon, 25 Sep 1995 08:31:02 +0100 Received: by sax.sax.de (8.6.11/8.6.12-s1) with UUCP id IAA02076; Mon, 25 Sep 1995 08:31:00 +0100 Received: (from j@localhost) by uriah.heep.sax.de (8.6.12/8.6.9) id IAA06270; Mon, 25 Sep 1995 08:11:02 +0100 From: J Wunsch Message-Id: <199509250711.IAA06270@uriah.heep.sax.de> Subject: Re: FreeBSD Questions To: gcrutcher@datatrek.com (Gary Crutcher) Date: Mon, 25 Sep 1995 08:11:01 +0100 (MET) Cc: hackers@freebsd.org Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) In-Reply-To: <24091995171734970.II18467@datatrek.com> from "Gary Crutcher" at Sep 24, 95 05:08:09 pm X-Phone: +49-351-2012 669 X-Mailer: ELM [version 2.4 PL23] MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Content-Length: 711 Sender: owner-hackers@freebsd.org Precedence: bulk As Gary Crutcher wrote: > > 1) How or where do I get a 'restricted' shell program for customers > telneting into my site? There's no such thing like a `restricted' shell available. All the so-called `restricted' shells on other systems give admins a false confidence; they usually could be bypassed by a hacker in (depending on the line speed) less than 5 minutes. I'm not sure if you'd like it still... The only safe environment for such a case is setting up a chroot environment. It's a bit more work, but you can have a better feeling after you're done. :-) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ Never trust an operating system you don't have sources for. ;-)