Editor With NO Shell Access?

Joshua Isom jrisom at gmail.com
Tue Mar 13 16:20:44 UTC 2012

On 3/13/2012 10:43 AM, Tim Daneliuk wrote:
> On 03/13/2012 01:39 AM, Joshua Isom wrote:
>> On 3/12/2012 5:23 PM, Polytropon wrote:
>>> On Mon, 12 Mar 2012 15:19:51 -0700, Edward M. wrote:
>>>> On 03/12/2012 03:10 PM, Polytropon wrote:
>>>>> /etc/shells to work, but a passwd entry like
>>>>> bob:*:1234:1234:Two-loop-Bob:/home/bob:/usr/local/bin/joe
>>>> I think this would not let the user to login,etc
>>> I'm not sure... I assume logging in is handled by /usr/bin/login,
>>> and control is then (i. e. after successful login) transferred
>>> to the login shell, which is the program specified in the
>>> "shell" field (see "man 5 passwd") of /etc/passwd. How is
>>> login supposed to know if the program specified in this
>>> field is actually a dialog shell?
>>>> From "man 1 login" I read that many shells have a built-in
>>> login command, but /usr/bin/login is the system's default
>>> binary for this purpose if the "shell" (quotes deserved if
>>> it is an editor as shown in my assumption) has no capability
>>> of performing a login.
>> Are they logging in from the console or from ssh? If it's from a
>> console, I'd send them directly into a jail with limited file system
>> access, so that excecutables don't matter. If it's from ssh, I'd do
>> the same thing.
>> Assume they can break out of the editor or that something will happen.
>> Make it minimalist about what they can do. Use the /rescue/vi in an
>> empty jail with the files available. Don't think about changing
>> editors, change the system.
> That's a really good idea, but we're talking about almost 1000 systems
> here. That's a whole bunch of configuration...

Here's the simplified form.

mkdir -p /edit_jail/usr/share/misc
mkdir -p /edit_jail/var/tmp
cp /usr/share/misc/termcap* /edit_jail/usr/share/misc/
cp /rescue/vi /edit_jail
mount_nullfs /allowable_files /edit_jail/files
jail -c path=/edit_jail command=/vi

Only the last command would need to be done at login.  If you want a 
different editor, you'll have to deal with libraries, etc.  Most only 
need libc and libncurses so it's not that big a deal.

More information about the freebsd-questions mailing list