Wolfgang S. Rupprecht wolfgang.rupprecht at
Thu Aug 12 19:10:49 UTC 2010

Mikkel <mikkel at> writes:
> You may also want to consider setting his shell to rbash. See the
> "RESTRICTED SHELL" section of the bash man page.

Treat rbash as a fun puzzle, not as a security measure.  They did block
">" redirects and ./doit file execution, but that is far from enough.
With a few minutes pondering this solution popped up.

    emacs doit
    <insert  "bash -i" without the quotes>
    . doit
    <instant non-restricted shell>

Wolfgang S. Rupprecht      (IPv6-only)

More information about the users mailing list