LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Problem with .profile file (https://www.linuxquestions.org/questions/linux-security-4/problem-with-profile-file-103872/)

gallet 10-14-2003 01:02 PM
Problem with .profile file
 
I am using a legacy application in my unix SCO box, so i have defined in the .profile file for each user to go into the application. which is the problem? each user have a terminal emulator in their windows OS, every time when the user go into the application you have to put a username, but without a password, once the application is opened you have to put a username and password but for the application, so to point out the problem when i telnet the unix box for example:

c:\>telnet 10.x.x.x

login:john
if i press enter and at the same time a press the delete key rather than open the application it goes to the unix shell, so do not you think this is a security threats.

Pls: If someone can help me i would be appreciate

bastard23 10-14-2003 03:49 PM
gallet,

If you want the user only to run the application, change their shell to the application, not /bin/sh (or whatever). When the application exits, the user should be logged out. Of course, if the app lets you run the shell, this won't close any security threats.

Good Luck,
chris


All times are GMT -5. The time now is 08:52 AM.