HPE Community
Operating System - HP-UX
1834137 Members
2391 Online
110064 Solutions
New Discussion

Query regarding trap and preventing user breakout

 
Adam Noble
Super Advisor

‎05-14-2003 12:59 AM

‎05-14-2003 12:59 AM

Query regarding trap and preventing user breakout

I would be grateful if somebody could assist me with the following:-

We are providing users with the facility to add userid's for a specific application by using a menu. I am using sudo and a menu script to enable them to do this but need to prevent them from being able to break out of the script. I have set the following at the start of the script trap " " 01 02 03 15 and this appears to prevent all forms of user breakout apart from ctrl D. I can through the initial case statement ensure that if ctrl D is entered it simply starts again, but as the script goes on this becomes more difficult can ctrl D be trapped in the same way as say ctrl-C. Any ideas would be appreciated.
0 Kudos
Reply
2 REPLIES 2
David_246
Trusted Contributor

‎05-14-2003 01:16 AM

‎05-14-2003 01:16 AM

Re: Query regarding trap and preventing user breakout

Hi Adam,

What I did to prevent this is the following.

/home/user/.profile :

exec /program/to/run
exit

So, whenever a user logs in, the specific program you mention is being exec(uted) from within the .profile. If they get a chance to breakout of that program they very easily continue in the .profile. And that says an exit.
Easy isn't it ?

Regs David
@yourservice
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎05-14-2003 01:25 AM

‎05-14-2003 01:25 AM

Re: Query regarding trap and preventing user breakout


Using a script, even with trap, is never guaranteed to stop someone breaking out. They could simply keep hitting Ctrl-C and eventually would get lucky and break out of it before the trap command was executed.

Only way to ensure this is write it in a C program - then modify their login shell in /etc/passwd to be the C program.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.