LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 03-09-2005, 10:42 AM   #1
or1onas
Member
 
Registered: Mar 2004
Location: Athens,Greece
Distribution: Debian,Ubuntu
Posts: 181

Rep: Reputation: 31
chrooted account - shell options


Hi everybody,
i've created a chrooted env for an account and i've been trying to test it a bit.
When in console, pressing tab twice gives me the following:

! case elif function mv shift umask
./ cd else getopts popd shopt unalias
: command enable hash printf source unset
[ compgen esac help pushd suspend until
[[ complete eval history pwd test wait
]] continue exec if read then while
alias cp exit in readonly time {
bash declare export jobs return times }
bg dirs false kill rm trap
bind disown fc let select true
break do fg local set type
builtin done fi logout sftp typeset
caller echo for ls sh ulimit

is this ok? Is there some kind of security issue i should have in mind?
Chrooting works ok. I've copied some necessary files in chroot's /bin folder, but i just want to be sure that it's the least needed.
Are the above just options given from /bin/sh?
Thanx in advance!
 
Old 03-10-2005, 03:05 AM   #2
nukkel
Member
 
Registered: Mar 2003
Location: Belgium
Distribution: Hardened gentoo
Posts: 323

Rep: Reputation: 30
Hi,

most of these commands are shell built-ins, so it looks good (very restricted).
You could even remove bin/rm to prevent the user deleting files (if that's what you want

Further, you could use quota to prevent the user from filling up your hard disk or put the chroot environment on a separate partition...

Oh, and don't forget, if the user should have access to the network, you'll need to copy /etc/resolv.conf (or /etc/hosts) to the chroot.

hope this helps!

nukkel
 
Old 03-10-2005, 03:20 AM   #3
or1onas
Member
 
Registered: Mar 2004
Location: Athens,Greece
Distribution: Debian,Ubuntu
Posts: 181

Original Poster
Rep: Reputation: 31
thanx a lot nukkel.
you cleared things up :-)
 
Old 03-10-2005, 04:32 AM   #4
nukkel
Member
 
Registered: Mar 2003
Location: Belgium
Distribution: Hardened gentoo
Posts: 323

Rep: Reputation: 30
No problem!

have fun!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux Shell Account rabeea Linux - Networking 2 08-31-2004 03:59 PM
chrooted virtual admin account for pure-ftpd? NonSumPisces Linux - Newbie 0 08-15-2004 01:56 PM
what OS is my shell account running? rid00z Linux - Newbie 1 10-13-2003 06:08 AM
Free shell account benjaminrtz Linux - General 3 09-27-2003 01:00 PM
chrooted telnet/ssh account sophie Linux - Software 0 09-03-2003 06:26 PM


All times are GMT -5. The time now is 12:44 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration