Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.sprintlink.net!dispatch.news.demon.net!demon!palmer.demon.co.uk!palmer.demon.co.uk!not-for-mail From: gary@palmer.demon.co.uk (Gary Palmer) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Restricting Telnet access Date: 17 Aug 1995 04:04:48 +0100 Organization: none Lines: 22 Message-ID: <40ubkg$516@palmer.demon.co.uk> References: <40rt53$a6b@newsbf02.news.aol.com> NNTP-Posting-Host: pc.my.org X-NNTP-Posting-Host: palmer.demon.co.uk In article <40rt53$a6b@newsbf02.news.aol.com>, Big Dawwg <bigdawwg@aol.com> wrote: >How do I go about restricting what a person can do when telneting into my >system? The only privilage I want them to have is to be able to go into >thier own directory to change out there home page files. There are several ``restricted shells'' available for FTP from various system administration orientated sites which will probably do what you want. I know there is a program on src.doc.ic.ac.uk called `resh' (or at least there used to be), and there are similar ones available on many other sites. Please be careful - if you are going to allow them to edit their files with an editor, most editors support shell escapes, i.e. running commands from a shell forked from the editor, and every editor I know of will try running /bin/sh rather than the shell specified in /etc/passwd. Gary -- FreeBSD Core Member E-Mail: Gary@Palmer.Demon.co.uk, gpalmer@FreeBSD.org