On 7/25/05, Abel Talaversn Estevez <[EMAIL PROTECTED]> wrote: > Hi all, > > I need to create a particular but simple shell for a firewall running OpenBSD > 3.6. The idea is create a user whose shell is a very limited one. This shell > or command line interpreter (CLI) must have permissions only in the home > directory.
Hi: Operating ksh in restricted mode may fulfill your needs. Here from the man page for ksh (this is the public domain Korn Shell in OpenBSD): -r Restricted shell. A shell is ``restricted'' if this option is used or if either the basename the shell was invoked with or the SHELL parameter match the pattern ``*r*sh'' (e.g. rsh, rksh, rpdksh). The following restrictions come into effect after the shell processes any profile and ENV files: o The cd command is disabled. o The SHELL, ENV, and PATH parameters cannot be changed. o Command names can't be specified with absolute or relative paths. o The -p option of the built-in command command can't be used. o Redirections that create files can't be used (i.e. `>', `>|', `>>', `<>'). -- Kind regards, Jonathan