Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 8 May 2002 12:31:24 -0400
From:      "Justin King" <justin@othius.com>
To:        <freebsd-security@FreeBSD.ORG>
Subject:   Re: Accounts with Restricted privileges
Message-ID:  <004801c1f6ad$cbca1c40$ba9254a6@romy>
References:  <200205081623.g48GNkl89410@dc.cis.okstate.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 
man bash

RESTRICTED SHELL
       If bash is started with the name rbash, or the  -r  option
       is  supplied  at invocation, the shell becomes restricted.
       A restricted shell is used to set up an  environment  more
       controlled  than  the  standard shell.  It behaves identi-
       cally to bash with the exception that  the  following  are
       disallowed or not performed:

       o      changing directories with cd

       o      setting  or  unsetting  the  values of SHELL, PATH,
              ENV, or BASH_ENV

       o      specifying command names containing /

       o      specifying a file name containing a / as  an  argu-
              ment to the .  builtin command

       o      Specifying  a  filename  containing  a  slash as an
              argument to the -p option to the hash builtin  com-
              mand

       o      importing function definitions from the shell envi-
              ronment at startup

       o      parsing the value of SHELLOPTS from the shell envi-
              ronment at startup

       o      redirecting output using the >, >|, <>, >&, &>, and
              >> redirection operators

       o      using the exec builtin command to replace the shell
              with another command

       o      adding or deleting builtin commands with the -f and
              -d options to the enable builtin command

       o      specifying the -p option  to  the  command  builtin
              command

       o      turning  off  restricted mode with set +r or set +o
              restricted.



----- Original Message ----- 
From: "Martin McCormick" <martin@dc.cis.okstate.edu>
To: <freebsd-security@FreeBSD.ORG>
Sent: Wednesday, May 08, 2002 12:23 PM
Subject: Accounts with Restricted privileges


> Is it possible to create an account with a restricted
> shell?
> 
> The documentation for bash shows that it can be invoked
> with the --restricted flag.  A check of the handbook shows
> nothing more about this topic.  Neither did a look at the man
> pages for login.
> 
> Thank you.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004801c1f6ad$cbca1c40$ba9254a6>