[lug] replacing login shell
Hugh Brown
hugh at vecna.com
Wed Jun 26 21:02:48 MDT 2002
"D. Stimits"
>
> Hugh Brown wrote:
> >
> > On Wed, 2002-06-26 at 16:24, D. Stimits wrote:
> > > One thing many people don't seem to realize (not talking about BLUG, but
> > > unrelated experiences) is that a shell can be almost any program that
> > > accepts stdin. If you look in /etc/, files "shells" and "passwd", you
> > > can add different programs to become a login. A very long time ago, I
> > > once added a MUD as the login shell to a few users I wanted to chat with
> > > (and you could do this with an IRC client as well). If you were to get
> > > the source to the ssh client, and hard wire it to a specific IP address,
> > > and possibly disable a few things, you'd be much more secure than with a
> > > script that can be suspended (let's say you have the script secure, then
> > > you would still have the ssh problems, so having only ssh is not a
> > > penalty compared to script controlled ssh). One thing that makes me
> > > suggest hard waring is that you need to pass arguments to ssh client...I
> > > would hard code it as needed, make it not accept arguments, and call it
> > > something like "ssh-shell", then add it to /etc/shells, and alter given
> > > login names to have this as the default shell (and if this is the case,
> > > they will find it difficult to chsh to a non-ssh shell).
> > >
> > > D. Stimits, stimits at idcomm.com
> >
> > I realize this is a general comment, but I am wondering what ssh
> > problems there could be, in this specific case. I suspend, but I don't
> > get anything but another telnet prompt, I can't run chsh. I want to
> > know if there is some way of bypassing my set up, but I can't find one
> > (I'm probably just ignorant).
> >
> > Hugh
>
> I have never tried, but if you use a shell script, it should generally
> be able to do things with environment variables, or to simply kill it
> before the shell gets far enough along, and have it do some alternative
> behavior. Unless it is some form of a secure shell, perhaps in a chroot
> environment, I would not consider it moderately secure (it should fool
> the average guy, but not necessarily someone who knows something about
> shells). Having one less program in the path of dominoes is a security
> bonus.
>
> D. Stimits, stimits at idcomm.com
Anyone have any specifics? I really would like to be able to say with some
assurance that this will work in a secure way. The shell script only has
two commands a trap that traps signals 123 and the telnet command. I am
the average guy in the above scenario. I would like to take strides toward
the more capable than average guy.
Hugh
More information about the LUG
mailing list