Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Dont Allow Exitting from a Script
Operating Systems Linux Ubuntu Dont Allow Exitting from a Script Post 302907432 by achenle on Friday 27th of June 2014 07:05:36 PM
Old 06-27-2014
How are your users logging in? What are they on the computer for?

If it's a desktop login, good luck stopping anyone who knows what he's doing from getting an interactive shell. I've never failed to be able to get an interactive shell from a desktop login no matter how "locked down" it supposedly was.

Restricted shells and chroot jails - as already mentioned - are just about your only options.

Also, I question the logic behind not allowing anyone to have an interactive shell. What are they going to be able to do with an interactive shell that they couldn't do anyway? What any user can learn from an arbitrary computer is defined by the system calls he has access to, and the files visible to him. The tools used to make those system calls and view those files are irrelevant. Thinking that removing access to an interactive shell improves security shows a lack of understanding regarding true security. That's like saying no one can have a 16 oz claw hammer when there are 20 oz ones readily available.
 

9 More Discussions You Might Find Interesting

1. Programming

I dont want this

Im creating a sort of shell, for my cybercafe This will restrict my clients from accessing unwanted materials so im programming a similar bash to 1. to meet my goals 2. to learn new things. im creating it in C, please have a look at the attachement. i wish to avoid having a blank space... (6 Replies)
Discussion started by: C|[anti-trust]
6 Replies

2. Shell Programming and Scripting

command << EOF(dont want to call other script)

Dear Freinds, Help needed in input redirection . My problem is as follows.. I have a shell script as follows which calls another gnuplot script . datagen.sh #!/bin/ksh gnuplot plot_I.plt In the above file I am calling another file called plot_I.plt which reside in the same... (4 Replies)
Discussion started by: user_prady
4 Replies

3. UNIX for Dummies Questions & Answers

script dont' break out

I have concurrent manager stop and check to verify all the process are stopped BUT even after all the process are stopped query script continues to run without break out. # stop the concurrent manager $COMMON_TOP/admin/scripts/$CONTEXT_NAME/adstpall.sh $DB_USER/$DB_PSWD # check if the... (1 Reply)
Discussion started by: Paul.S
1 Replies

4. UNIX for Dummies Questions & Answers

Simple While Loop not exitting

Hi Experts, Im running a bit complicated sql script and for reasons of scheduling,I wrapped it around in a simple shell script. So, when I run it, it do creates an output file and writes to it everytime I run it & this is what exactly I wanted. However, it is not exiting the while loop no... (4 Replies)
Discussion started by: PG3
4 Replies

5. Shell Programming and Scripting

Dont want to mention user id passwd in shell script

Hi, i have one shell script which transfers files from one server to other server through FTP, but i can see login id and password is not mentioned. kindly help to understand the script.then how below script is working if login and password is not mentioned in script #!/bin/sh... (1 Reply)
Discussion started by: ni3b007
1 Replies

6. UNIX for Dummies Questions & Answers

Call a UNIX script inside another and dont wait for it

Hi I have two scripts script1.sh and script2.sh(say this script is a long running). I want to call script2.sh inside and script1.sh,but when i call script2.sh i dont want to wait for script2 to complete and want this to run in back ground and go on next commands in script 1.sh and finally at the... (2 Replies)
Discussion started by: lijjumathew
2 Replies

7. UNIX for Dummies Questions & Answers

Bash script dont works when executed as cronjob

Hello, i have cronjob: crontab -l * * * * * pkill -f domexpcheck;sh /root/dom/domexpcheck.sh it runs: /var/log/cron Mar 25 12:11:01 vps crond: (root) CMD (pkill -f domexpcheck;sh /root/dom/domexpcheck.sh) but somehow script dont run properly via cronjob. But when i execute cronjob... (7 Replies)
Discussion started by: postcd
7 Replies

8. Shell Programming and Scripting

Need Help on simple script as i dont know numch about UNIX scripting

Hello All, My name is vasu and I am very new to Unix scripting, i know basic commands, but now i need to write the following script, i have tried but no luck My requirment is i am getting one our from another command as following Used:1.8TB Advisory Quota:1.8TB aaa1 Used:4.5TB Advisory... (1 Reply)
Discussion started by: VasuKukkapalli
1 Replies

9. Programming

Shell script - if statements dont work

hi all, i have made a shell script and it runs until it reaches the if statement, doesn't the ! mean only if the command fails it will echo me that message and then exit can anyone please help me what is wrong with my code? many thanks, rob #!/bin/bash echo "is this archive... (10 Replies)
Discussion started by: robertkwild
10 Replies

LEARN ABOUT MOJAVE

git-shell

GIT-SHELL(1)                                                        Git Manual                                                        GIT-SHELL(1)

NAME

       git-shell - Restricted login shell for Git-only SSH access

SYNOPSIS

       chsh -s $(command -v git-shell) <user>
       git clone <user>@localhost:/path/to/repo.git
       ssh <user>@localhost

DESCRIPTION

       This is a login shell for SSH accounts to provide restricted Git access. It permits execution only of server-side Git commands implementing
       the pull/push functionality, plus custom commands present in a subdirectory named git-shell-commands in the user's home directory.

COMMANDS

       git shell accepts the following commands after the -c option:

       git receive-pack <argument>, git upload-pack <argument>, git upload-archive <argument>
           Call the corresponding server-side command to support the client's git push, git fetch, or git archive --remote request.

       cvs server
           Imitate a CVS server. See git-cvsserver(1).

       If a ~/git-shell-commands directory is present, git shell will also handle other, custom commands by running "git-shell-commands/<command>
       <arguments>" from the user's home directory.

INTERACTIVE USE

       By default, the commands above can be executed only with the -c option; the shell is not interactive.

       If a ~/git-shell-commands directory is present, git shell can also be run interactively (with no arguments). If a help command is present
       in the git-shell-commands directory, it is run to provide the user with an overview of allowed actions. Then a "git> " prompt is presented
       at which one can enter any of the commands from the git-shell-commands directory, or exit to close the connection.

       Generally this mode is used as an administrative interface to allow users to list repositories they have access to, create, delete, or
       rename repositories, or change repository descriptions and permissions.

       If a no-interactive-login command exists, then it is run and the interactive shell is aborted.

EXAMPLE

       To disable interactive logins, displaying a greeting instead:

           $ chsh -s /usr/bin/git-shell
           $ mkdir $HOME/git-shell-commands
           $ cat >$HOME/git-shell-commands/no-interactive-login <<EOF
           #!/bin/sh
           printf '%s
' "Hi $USER! You've successfully authenticated, but I do not"
           printf '%s
' "provide interactive shell access."
           exit 128
           EOF
           $ chmod +x $HOME/git-shell-commands/no-interactive-login

       To enable git-cvsserver access (which should generally have the no-interactive-login example above as a prerequisite, as creating the
       git-shell-commands directory allows interactive logins):

           $ cat >$HOME/git-shell-commands/cvs <<EOF
           if ! test $# = 1 && test "$1" = "server"
           then
                   echo >&2 "git-cvsserver only handles "server""
                   exit 1
           fi
           exec git cvsserver server
           EOF
           $ chmod +x $HOME/git-shell-commands/cvs

SEE ALSO

       ssh(1), git-daemon(1), contrib/git-shell-commands/README

GIT

       Part of the git(1) suite

Git 2.17.1                                                          10/05/2018                                                        GIT-SHELL(1)
All times are GMT -4. The time now is 11:37 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy