On Mon, Apr 01, 2002 at 10:35:35AM -0500, Jon McCain wrote: > All of this has gotten me to thinking about another flaw in the way I > have things set up. I'm preventing users from getting to a $ by running > a menu from their profile. > > exec /usr/bin/menu > > This works fine since the exec causes menu to become their shell > process. > > But some smart user could get around this by using pscp to upload their > own .bash_profile. Even if I fix it so I have them chroot'd on their > home would not prevent this since this file is in their home. > > But changing permissions on the .bash_profile so they don't own it (and > not in their group) should take care of that problem. They can read it > all they want, just not change it.
Why not change the users' shell to /usr/bin/menu? Bye, Chris -- http://www.tuxedo.org/~esr/faqs/smart-questions.html __ _ -o)/ / (_)__ __ ____ __ Chris Reeves /\\ /__/ / _ \/ // /\ \/ / ICQ# 22219005 _\_v __/_/_//_/\_,_/ /_/\_\ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]