Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 12 Mar 2012 23:10:00 +0100
From:      Polytropon <freebsd@edvax.de>
To:        Steve Bertrand <steve.bertrand@gmail.com>
Cc:        Tim Daneliuk <tundra@tundraware.com>, FreeBSD Mailing List <freebsd-questions@freebsd.org>
Subject:   Re: Editor With NO Shell Access?
Message-ID:  <20120312231000.4bb530e1.freebsd@edvax.de>
In-Reply-To: <4F5E6D3A.50302@gmail.com>
References:  <4F5E4C2A.1020005@tundraware.com> <4F5E6D3A.50302@gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 12 Mar 2012 17:40:10 -0400, Steve Bertrand wrote:
> You can force a user directly into an editor so they have no shell 
> access. For example, if the user has '/bin/csh' as their login shell, 
> adding:
> 
> exec /usr/local/bin/vim
> 
> into their ~/.cshrc file will force them directly into vim. When they 
> exit vim, they are immediately logged off.

Just an idea about extending this idea: What if the shell
field for that user does not contain a shell, but the name
of the editor instead? I assume it has to be "noted" in
/etc/shells to work, but a passwd entry like

	bob:*:1234:1234:Two-loop-Bob:/home/bob:/usr/local/bin/joe

could work (haven't tested that). A list of the files can
be obtained when opening a file ^KE and pressing the Tab key.
It would be worth testing if shell escapes like !command
will work in this constellation...




-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120312231000.4bb530e1.freebsd>