Operating System - HP-UX

Re: restricted shell and the command "cd"

 
Richard Woolley
Frequent Advisor

restricted shell and the command "cd"

We found that cd cannot be used with a restricted shell! However, we would like to write our own 'wrapper', but obviously this also includes calling cd by the restricted user's shell... Any ideas?
Jeff Schussele
Honored Contributor

Re: restricted shell and the command "cd"

Hi Mark,

One idea would be to use SUID (set UserID) on the wrapper so that when it calls cd it reports as a non-restricted user.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Richard Woolley
Frequent Advisor

Re: restricted shell and the command "cd"

Tried the sticky bit with rcd; when run, though, it isn't honouring it... it's still using the restricted shell and ignoring the sticky bit request!

cheers,

mark.
Jordan Bean
Honored Contributor

Re: restricted shell and the command "cd"


From man sh-posix, rsh restricts the following:

+ Changing directory (see the cd special command and cd(1))
+ Setting the value of SHELL, ENV, or PATH
+ Specifying path or command names containing /
+ Redirecting output (>, >|, <>, and >>)

The restrictions above are enforced after the .profile and ENV files are interpreted.


If it isn't necessary to restrict any of these, then don't use rsh.

If the user really needs to work in another directory, then a subshell (sh) can be invoked to permit the use of cd.

Jordan Bean
Honored Contributor

Re: restricted shell and the command "cd"


Correction, a normal subshell (sh) can be invoked from rsh only if rsh is not the login shell. However, csh works.

Wodisch
Honored Contributor

Re: restricted shell and the command "cd"

Hi Mark,

With restricted shells, "cd" only works from within "/etc/profile" and "$HOME/.profile", but stops working afterwards.
So *you* can "cd" that user into any directory you want, from within ".profile", but s/he cannot get away from there.
For that reason s/he should not have write permission for ".profile" nor "$HOME"!

HTH,
Wodisch
Jeff Schussele
Honored Contributor

Re: restricted shell and the command "cd"

Hi (again) Mark,

The sticky bit is not the same as SUID.
SUID in octal would be 4xxx (u=s) and would look like -rwsr--r--
whereas the sticky bit is octal 1xxx (u=t) & looks like rw-r--r-T

The difference is that SUID means set the owner of the process upon execution to the owner of the file. The passwd (/sbin/passwd) executable is a prime example because ONLY root can update the /etc/passwd file - but ANYONE can change their PW. This can only be so by use of SUID.

Sticky bit means save text image on file execution i.e. don't dump the text portion of the executable from memory when the program ends. It's a way for a frequently used executable (vi?) to load faster for the second & subsequent users. Has nothing to do with ownership.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
MANOJ SRIVASTAVA
Honored Contributor

Re: restricted shell and the command "cd"

Hi Mark


"

10.3.1 Restricted Shell
The restricted shell is designed to put the user into an environment where his or her ability to move around and write files is severely limited. It's usually used for "guest" accounts. You can make a user's login shell restricted by putting rksh or ksh -r in the user's /etc/passwd entry.

The specific constraints imposed by the restricted shell disallow the user from doing the following:

Changing working directories: cd is inoperative. If you try to use it, you will get the error message "ksh: cd: restricted".

Redirecting output to a file: the redirectors >, >|, <>, and >> are not allowed.

Assigning a new value to the environment variables SHELL, ENV, or PATH.

Specifying any pathnames with slashes (/) in them. The shell will treat files outside of the current directory as "not found."

These restrictions go into effect after the user's .profile and environment files are run.

This means that the restricted shell user's entire environment is set up in .profile. Since the user can't overwrite that file, this lets the system administrator configure the environment as he or she sees fit.

Two common ways of setting up such environments are to set up a directory of "safe" commands and have that directory be the only one in PATH, and to set up a command menu from which the user can't escape without exiting the shell.

"

You may also look at:
http://nevada.tpi.pl/books/b022/ch10_03.htm


and

http://google.yahoo.com/bin/query?p=restrict+ls+in+rksh&hc=0&hs=0
Also look at this link: http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x4b278f960573d611abdb0090277a778c,00.html


All the best .

Manoj Srivastava
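
A check for the setup Wodisch's reply and the quoted book passage describe, as an added example that is not part of any post in this thread: it flags a home directory, .profile or safe-command directory that the restricted user owns or that is group- or other-writable, and any sh, ksh or csh sitting in the safe-command directory. The function names, the account name and the paths are assumptions, and treating any group write bit as a finding is a simplification.

```shell
#!/bin/sh
# Added example: audit a restricted-shell account.
# Usage: audit_restricted_home USER HOME_DIR SAFE_BIN_DIR
# Prints one FINDING line per problem; returns 1 if there was any.

# Succeeds when USER owns PATH or PATH is group/other-writable.
user_can_modify() {   # $1 = user, $2 = path
    listing=$(ls -ld "$2" 2>/dev/null) || return 0   # missing: report it
    mode=$(printf '%s\n' "$listing" | awk '{print $1}')
    owner=$(printf '%s\n' "$listing" | awk '{print $3}')
    if [ "$owner" = "$1" ]; then
        return 0                      # an owner can chmod the file back
    fi
    case $mode in
        ?????w*|????????w*) return 0 ;;   # group (char 6) or other (char 9)
    esac
    return 1
}

audit_restricted_home() {   # $1 = user, $2 = home, $3 = safe command dir
    rc=0
    # The restrictions start only after .profile has run, so the user
    # must not be able to replace it or anything it depends on.
    for p in "$2" "$2/.profile" "$3"; do
        if user_can_modify "$1" "$p"; then
            echo "FINDING: $1 may be able to modify $p"
            rc=1
        fi
    done
    # An unrestricted shell reachable through PATH undoes the restrictions.
    for s in sh ksh csh; do
        if [ -e "$3/$s" ]; then
            echo "FINDING: unrestricted shell $3/$s is reachable"
            rc=1
        fi
    done
    return "$rc"
}

# Run stand-alone as: ./audit.sh USER HOME_DIR SAFE_BIN_DIR
if [ "$#" -eq 3 ]; then
    audit_restricted_home "$@"
fi
```
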