From owner-freebsd-questions@FreeBSD.ORG Tue Mar 13 16:20:43 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id CAFF2106566C for ; Tue, 13 Mar 2012 16:20:43 +0000 (UTC) (envelope-from jrisom@gmail.com) Received: from mail-gy0-f182.google.com (mail-gy0-f182.google.com [209.85.160.182]) by mx1.freebsd.org (Postfix) with ESMTP id 855E48FC08 for ; Tue, 13 Mar 2012 16:20:43 +0000 (UTC) Received: by ghrr20 with SMTP id r20so910787ghr.13 for ; Tue, 13 Mar 2012 09:20:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=IaDt6jHU0Dg1uEOyPbuTuG761Jf4O+vMndWVBGMpZsk=; b=z17Ov52y0J6IIDvApECCTaQxrFoCNjobnMrLtrVDHzTsh7dkvJESN6M7W0uqxbI8TM jl2a6j3fFmoyjRkMja4CPeu8i3TSHiwCQ4K77YvMGMZLGdPN32ldhpZQezivbU9QKhjo 8o+xM/Zsz6gWLcDnDJnuMhKYrwiGP3zsOQ5QNSIOUlljxzYh2pjXweZ9x9GNkfeZ6zbL Oruee3KdBUVBScrc9cAZG86Imx5SXYicNxH8tQMR4h2g0VmCbqmP5xGhUzqz4zrRgup1 PKTR67OFvrt8aMNRfQNM62tu6SADu6qqJKk9a7mUv6dDKbR5c9kJZv1NlEH8oVIRTjwk Wh1w== Received: by 10.60.27.6 with SMTP id p6mr13436231oeg.36.1331655642806; Tue, 13 Mar 2012 09:20:42 -0700 (PDT) Received: from [192.168.1.3] (c-98-212-197-29.hsd1.il.comcast.net. [98.212.197.29]) by mx.google.com with ESMTPS id g2sm1467515obl.7.2012.03.13.09.20.40 (version=SSLv3 cipher=OTHER); Tue, 13 Mar 2012 09:20:41 -0700 (PDT) Message-ID: <4F5F73D0.6040507@gmail.com> Date: Tue, 13 Mar 2012 11:20:32 -0500 From: Joshua Isom User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <4F5E4C2A.1020005@tundraware.com> <4F5E6D3A.50302@gmail.com> <20120312231000.4bb530e1.freebsd@edvax.de> <4F5E7687.5070808@gmail.com> <20120312232300.4da8ebf3.freebsd@edvax.de> <4F5EEBB4.1080608@gmail.com> <4F5F6B1A.7070808@tundraware.com> In-Reply-To: <4F5F6B1A.7070808@tundraware.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Editor With NO Shell Access? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Mar 2012 16:20:44 -0000 On 3/13/2012 10:43 AM, Tim Daneliuk wrote: > On 03/13/2012 01:39 AM, Joshua Isom wrote: >> On 3/12/2012 5:23 PM, Polytropon wrote: >>> On Mon, 12 Mar 2012 15:19:51 -0700, Edward M. wrote: >>>> On 03/12/2012 03:10 PM, Polytropon wrote: >>>>> /etc/shells to work, but a passwd entry like >>>>> >>>>> bob:*:1234:1234:Two-loop-Bob:/home/bob:/usr/local/bin/joe >>>> >>>> >>>> I think this would not let the user to login,etc >>> >>> I'm not sure... I assume logging in is handled by /usr/bin/login, >>> and control is then (i. e. after successful login) transferred >>> to the login shell, which is the program specified in the >>> "shell" field (see "man 5 passwd") of /etc/passwd. How is >>> login supposed to know if the program specified in this >>> field is actually a dialog shell? >>> >>>> From "man 1 login" I read that many shells have a built-in >>> login command, but /usr/bin/login is the system's default >>> binary for this purpose if the "shell" (quotes deserved if >>> it is an editor as shown in my assumption) has no capability >>> of performing a login. >>> >>> >>> >> >> Are they logging in from the console or from ssh? If it's from a >> console, I'd send them directly into a jail with limited file system >> access, so that excecutables don't matter. If it's from ssh, I'd do >> the same thing. >> >> Assume they can break out of the editor or that something will happen. >> Make it minimalist about what they can do. Use the /rescue/vi in an >> empty jail with the files available. Don't think about changing >> editors, change the system. > > That's a really good idea, but we're talking about almost 1000 systems > here. That's a whole bunch of configuration... > Here's the simplified form. mkdir -p /edit_jail/usr/share/misc mkdir -p /edit_jail/var/tmp cp /usr/share/misc/termcap* /edit_jail/usr/share/misc/ cp /rescue/vi /edit_jail mount_nullfs /allowable_files /edit_jail/files jail -c path=/edit_jail command=/vi Only the last command would need to be done at login. If you want a different editor, you'll have to deal with libraries, etc. Most only need libc and libncurses so it's not that big a deal.