On 3/12/2012 5:23 PM, Polytropon wrote:
On Mon, 12 Mar 2012 15:19:51 -0700, Edward M. wrote:
On 03/12/2012 03:10 PM, Polytropon wrote:
/etc/shells to work, but a passwd entry like
bob:*:1234:1234:Two-loop-Bob:/home/bob:/usr/local/bin/joe
I think this would not let the user to login,etc
I'm not sure... I assume logging in is handled by /usr/bin/login,
and control is then (i. e. after successful login) transferred
to the login shell, which is the program specified in the
"shell" field (see "man 5 passwd") of /etc/passwd. How is
login supposed to know if the program specified in this
field is actually a dialog shell?
From "man 1 login" I read that many shells have a built-in
login command, but /usr/bin/login is the system's default
binary for this purpose if the "shell" (quotes deserved if
it is an editor as shown in my assumption) has no capability
of performing a login.
Are they logging in from the console or from ssh? If it's from a
console, I'd send them directly into a jail with limited file system
access, so that excecutables don't matter. If it's from ssh, I'd do the
same thing.
Assume they can break out of the editor or that something will happen.
Make it minimalist about what they can do. Use the /rescue/vi in an
empty jail with the files available. Don't think about changing
editors, change the system.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
