[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The restricted shell can be easily circumvented.
|
From: |
Chet Ramey |
|
Subject: |
Re: The restricted shell can be easily circumvented. |
|
Date: |
Tue, 07 Apr 2015 00:13:33 -0400 |
|
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 |
On 4/4/15 1:22 AM, David Bonner wrote:
> Bash Version: 4.3
> Patch Level: 30
> Release Status: release
>
> Description:
> The restricted shell opened by calling rbash or bash with the -r or
> --restricted option can be easily circumvented with the
> command 'chroot / bash' making the restricted shell useless because
> anyone can get out of it with this command.
If the administrator, or whomever sets up the restricted environment,
doesn't set PATH to something that contains only trusted commands and
doesn't have a `cd' that puts the user somewhere other than his home
directory in a startup file that the restricted shell reads,
restricted shell mode is essentially useless.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/