security
Wolfgang S. Rupprecht
wolfgang.rupprecht at gmail.com
Thu Aug 12 19:10:49 UTC 2010
Mikkel <mikkel at infinity-ltd.com> writes:
> You may also want to consider setting his shell to rbash. See the
> "RESTRICTED SHELL" section of the bash man page.
Treat rbash as a fun puzzle, not as a security measure. They did block
">" redirects and ./doit file execution, but that is far from enough.
With a few minutes pondering this solution popped up.
emacs doit
<insert "bash -i" without the quotes>
. doit
<instant non-restricted shell>
-wolfgang
--
Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/ (IPv6-only)
More information about the users
mailing list