From owner-freebsd-questions Thu Jun 12 10:42:06 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id KAA09834 for questions-outgoing; Thu, 12 Jun 1997 10:42:06 -0700 (PDT) Received: from nic.7da.nl (root@nic.7da.nl [195.108.246.98]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA09829 for ; Thu, 12 Jun 1997 10:42:02 -0700 (PDT) Received: from dolphin.psd (paul@dial.7da.nl [195.108.246.106]) by nic.7da.nl (8.8.5/8.8.5) with ESMTP id RAA07258 for ; Thu, 12 Jun 1997 17:20:45 +0200 Received: from localhost (paul@localhost [127.0.0.1]) by dolphin.psd (8.8.5/8.8.5) with SMTP id SAA01619 for ; Thu, 12 Jun 1997 18:22:03 +0200 Date: Thu, 12 Jun 1997 18:22:03 +0200 (MET DST) From: Paul Dekkers X-Sender: paul@dolphin.psd To: freebsd-questions@FreeBSD.org Subject: Restricted Shell Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Hi What's the best method of ristricting a shell under FreeBSD or any other UNIX? I know of a solution for ftp that limits the root (a dot in the pathname of the users directory) and I tried something for Linux using a chroot to change the root of the user but then the user can't FTP anymore and I don't like security holes and I'm not sure it's safe because your using uid 0 for that user in this case! Thanx a lot! -- Paul Dekkers (psd@worldaccess.nl)