On 1/11/12 6:12 AM, Jonathan Nieder wrote:
> Hi,
>
> Sarnath K - ERS, HCLTech wrote:
>
>> I see this problem in the latest Bash 4.2 as well. Say, I invoke
>> "rbash" or "bash -r". This leaves me in a restrictive shell.
>> However, this restrictive shell allows me to run "bash" or any other
>> shell (without execing - just simply run) which leaves me in a
>> normal shell.
>
> Typically rbash is used with a nonstandard PATH setting to give users
> access to a restricted set of commands.
The restricted shell is only one of several components of a restricted
environment. Two others are a (readonly) value of $PATH that includes
only the directory Jonathan mentioned (typically /usr/rbin) and not
giving users write access to their home directory. A readonly .profile
in a readonly home directory sets up the desired $PATH and leaves the
user in some other scratch directory to which he has write access. When
I set this kind of thing up about 25 years ago, we used ~/work.
It's appropriate for the bash man page to describe the bash behavior
when run in restricted mode. That's not the place for a tutorial on
how to set up a restricted environment.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU [email protected] http://cnswww.cns.cwru.edu/~chet/
