have the .bash_profile check to see if the user id is the id running the cgi, i.e. nobody or whichever user is running apache, and then exit. ----- Original Message ----- From: "Jens Knoell" <jens@xxxxxxxxxxxx> To: "Linux Admin" <linux-admin@xxxxxxxxxxxxxxx> Sent: Tuesday, February 24, 2004 11:42 AM Subject: Restricting shells... > This is kinda tricky: > > Situation: > - A webserver, hosting a page which has CGIs enabled > - Not-too-bright webdesigner putting up scripts that allow "escaping", by > i.e. sending a receipient of someone@somewhere;/bin/bash -i > > I want to restrict _interactive_ bash shells (other shells are not a concern > yet). Is there _any_ way to do that, short of wrapping bash into a little > program that checks by whom bash got called and with which parameters? > > Thanks > Jens > > - > : send the line "unsubscribe linux-admin" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html - : send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
