Date: Thu, 18 Nov 2010 11:15:52 -0500 (EST) From: doug <doug@fledge.watson.org> To: Julian Fagir <gnrp@physik.tu-berlin.de> Cc: freebsd-questions@freebsd.org Subject: Re: Escaping from shell-scripts Message-ID: <alpine.BSF.2.00.1011181013090.97870@fledge.watson.org> In-Reply-To: <20101118145239.10937b78@adolfputzen> References: <20101118145239.10937b78@adolfputzen>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 18 Nov 2010, Julian Fagir wrote: > Hi, > > I'm planning a service with a login-user-interface. Thus, I want to restrict > the user somehow to this script and to do nothing else. > > The straight-forward way would be to write this script, have all input parsed > by read and then let the script act according to this input (let's assume > that these tools are secure, it's just cp'ing and writing to > non-sensitive files. > > Are there possibilities to escape from such a script down to a prompt? > > On the other hand, if I would take python for this, so a python-script is > executed, are there ways to get to a generic python-prompt? > > The restriction to that script would be done by either setting the > login-shell to that script, setting the ssh-command for that account/key (and > ensuring that it can't be altered), or both. > > > All in all, this is a more general question I have for quite a time: Can you > use shell-scripts for security-relevant environments? Does an attacker have > the possibility to escape from a script down to a prompt? > > I'm not that into shell-programming and there are too many legacies about > terminals (some time ago, I had to cope with termcap...) and shells which one > just can't all know. > E.g., it was just a few days ago I found out what a terminal-stop means and > that it is still interpreted by screen, though using it for several years now. > > > Regards, Julian If you make a program a shell AFAIK to escape is to logff. Bash has a chroot like facility that might work. However if you write a simple C program as a wrapper for your shell script and make that program a shell, I would think that is pretty secure.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1011181013090.97870>