Escaping from shell-scripts
fbsd8 at a1poweruser.com
Thu Nov 18 14:43:20 UTC 2010
Julian Fagir wrote:
> I'm planning a service with a login-user-interface. Thus, I want to restrict
> the user somehow to this script and to do nothing else.
> The straight-forward way would be to write this script, have all input parsed
> by read and then let the script act according to this input (let's assume
> that these tools are secure, it's just cp'ing and writing to
> non-sensitive files.
> Are there possibilities to escape from such a script down to a prompt?
> On the other hand, if I would take python for this, so a python-script is
> executed, are there ways to get to a generic python-prompt?
> The restriction to that script would be done by either setting the
> login-shell to that script, setting the ssh-command for that account/key (and
> ensuring that it can't be altered), or both.
> All in all, this is a more general question I have for quite a time: Can you
> use shell-scripts for security-relevant environments? Does an attacker have
> the possibility to escape from a script down to a prompt?
> I'm not that into shell-programming and there are too many legacies about
> terminals (some time ago, I had to cope with termcap...) and shells which one
> just can't all know.
> E.g., it was just a few days ago I found out what a terminal-stop means and
> that it is still interpreted by screen, though using it for several years now.
> Regards, Julian
Your should think about "JAILS" and qjail in particular,
If you don't have to many users just allocate a jail for each user id or
all those users in a single jail and then you don't need any of the
script stuff you are talking about.
More information about the freebsd-questions