Restricted UNIX Shells

Restricted UNIX Shells

Post by Benjamin J. Gavi » Thu, 12 Jun 1997 04:00:00

  I have a quick question.  We are interested in setting up a restricted
UNIX command shell for a few of our customers.  We would like a shell
that gives our users access to their home directories (and below), as
well as the ability to run programs specified in their path.  We would
not like them to be able to see or move outside their home directory, or
change their PATH environment variable.  Has anyone done this before?
If so how?  We have looked at quite a few things, and running 'sh -r'
doesn't givce the desired effect.

Thanks for any help,
Ben Gavin


Restricted UNIX Shells

Post by Per Kistle » Fri, 13 Jun 1997 04:00:00

Hi Ben

It's easy to do, but why suppress people? Isn't it a nice thing,
if someone has some more interests in useing unix, than just copy
some files within the homedirectory? You can easily close some
directories which you do not want to be used by users.
If they should not run certain programs, than one can also
restrict their usage. Unix provides the group attribute for
such purposes. One can put someone into a secondaray group, so
that he has additional access for an otherwise closed directory.

Bye, Per.
Per Kistler
Programmer (Unix/Perl/C++)
Institute for Isotope Geology and Mineral Resources, ETH, Switzerland


Restricted UNIX Shells

Post by Srinivasa Ra » Tue, 17 Jun 1997 04:00:00

There was one shell known as restricted shell, I dont remmeber exactly
what it is .. rsh says that it is a remote shell, but I remember
longtime back using it as a restricted shell. I myself am curious to
know about this.




Restricted UNIX Shells

Post by Rob S. Wolfr » Sun, 22 Jun 1997 04:00:00

Quote:>There was one shell known as restricted shell, I dont remmeber exactly
>what it is .. rsh says that it is a remote shell, but I remember
>longtime back using it as a restricted shell. I myself am curious to
>know about this.

If you start the Korn shell with the name 'rsh' or 'rksh', the shell
becomes restricted. I'm not sure, but for all I know this also goes for
starting the Bourne shell with 'rsh'.



L I N U X :   T H E   C H O I C E   O F   A   G N U   G E N E R A T I O N
Micro$oft is not the answer; Micro$oft is the question. The answer is NO.


1. restricted shell/restricting login

A while ago I posted a question about how to restrict logins to our
ultrix systems.  Someone sent me a C or shell script which I'm
embarassed to say I've misplaced.  I think is was called "syslogin".
Please re-send it to me, whoever you are (were).

Here's the problem I wish to solve:

What I want to do is split the modem pool into 2 numbers - one for
students and one for faculty/staff.  

I want to the login procedure to check which terminal server a connection
is coming from.  The procedure should then check the account and see if that
account is entitled to connect from that terminal server...if so,
then continue normally, if not then print a message like "Please dial
the number xxx-xxxx".

We have DEC terminal servers (I don't wish to use lat groups) and
Ultrix 4.2a.

I'm certain I'm not re-inventing the wheel here.  Any comments, suggestions
and pointers are most welcome.

Thanks in advance...

Trent University Computing & Telecommunications  tel: (705)748-1540
Peterborough, Ontario, Canada, K9J 7B8           fax: (705)748-1246

2. Recursive Tree Copy (with filter)?

3. restricted shell or restricted access

4. Simple routing setup

5. restricted shell - not so restrict

6. Solaris 8 x86 problem: IPv6

7. New to UNIX/Solaris: Restricted shell and CDE

8. autostart in KDE2

9. RESTRICT shell, TOOLS for security on UNIX

10. rksh shell, how do i stop .profile from loading in restricted shell

11. Restricted Shell Script for Free Shell

12. UNIX Free shell accounts Bots allowed Cuentas shell bajo unix gratis permiten bots

13. using cd in restricted shell