[Next] [Previous] [Up] [Top] [Contents]

28.10 Additional Security Features in SunOS 5.X

28.10.1 Restricted Shell

Restricted shells allow you to control the user's environment. The restricted shell, rsh, allows the user to do everything allowed by sh, except:

The restricted shell is /usr/lib/rsh. This should not be confused with the remote shell, which is /usr/bin/rsh.

Don't rely too heavily on the restricted shell. It's not that restricted. While you can't specify a command name that begins with "/", you can specify arguments that do. So if cat is in your path you could type:

% cat /etc/passwd

and have a look at the password file. Also, some programs, such as editors and telnet, allow you to escape out to a shell and editors can edit/view any file with read access allowed on the system.

Unix System Administration - 8 AUG 1996
[Next] [Previous] [Up] [Top] [Contents]