Date: Fri, 19 May 1995 09:47:17 -0400 (EDT) From: Dataradio sysadmin <root@vhf.dataradio.com> To: Christian <PLAZAS_CHRISTIAN@mercury.csg.peachnet.edu> Cc: security@FreeBSD.org Subject: Re: Disabling subshell spawn in Telnet & Ftp clients Message-ID: <Pine.NEB.3.91.950519094446.3335A-100000@vhf.dataradio.com> In-Reply-To: <5364FB10FE9@mercury.csg.peachnet.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 17 May 1995, Christian wrote: > I am in the process of setting up a FreeBSD box for student use > at my school. I am restricting what a user can do through a menu > system that they cannot break out of....there is only one > problem...two of the menu choices are FTP and Telnet. Both of these > clients have a command that will allow the user to get a subshell...I > want to be able to disable this option. I know that some freenets > that allow telnet & ftp have done this so I know it can be done. I > am no C guru so please take this into consideration when you reply. > Thanks in advance. > I think what you will find useful is setting the user's default shell in the password file to point to your menu system. That way, when the user spawns a subshell, it will simply re-invoke the menu system. With a simple semaphore file, you could easily detect that the menu system is already in use, and take the necessary actions. Good luck! ----- Andrew Webster DATARADIO, Inc. Network Manager http://www.dataradio.com Special Projects awebster@dataradio.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.91.950519094446.3335A-100000>