Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Id command does not return correct username
Top Forums Shell Programming and Scripting Id command does not return correct username Post 303041826 by foad on Wednesday 4th of December 2019 05:18:23 PM
Old 12-04-2019
I was told by JimMcNamara that my reply was too harsh.

Well, it was meant as a factual statement: i would for sure remove any shell access of such a user save for the sandbox, but the bank i work for is probably just too harsh and we should have more of a "no risk no fun"-approach with our systems.

Anyways i would like to apologize for the error of my ways: of course the thread-o/p should be allowed access to all the servers on the network. Would it also be too harsh to suggest he shouldn't get root rights? If so, i suggest he should get them everywhere too as i wouldn't want to be in breach of the forum rules.
 

10 More Discussions You Might Find Interesting

1. IP Networking

pine username return address

hello all I am happily using pine but unhappily sending email as username@where.my.mail.works instead of ****@my.college.edu well, my username on my computer is one thing, but my username on my college account (**** here) is different. what I'm trying to do is use the college server for... (1 Reply)
Discussion started by: plusran
1 Replies

2. UNIX for Dummies Questions & Answers

to pick up the Return Code ( RC) from the mailx command and return it to SAS uisng 's

Hi All, Can anyone please let me know the syntax / how to pick up the Return Code ( RC) from the mailx command and return it to SAS uisng 'system()' function and '${?}'. I am in a process to send the mail automatically with an attachment to bulk users. I have used 'Mailx' and 'Unencode'... (0 Replies)
Discussion started by: manas6
0 Replies

3. UNIX for Dummies Questions & Answers

Is this grep command correct?

Hi I need to know if I have got the following grep command correct. I wanted to find from myfile.txt all signed real numbers (e.g. +5.0, -78, but not 5.0, 5 are not). I have thought about it and decided it was this: grep '' myfile.txt but I was wondering if this was correct. If... (2 Replies)
Discussion started by: rushhour
2 Replies

4. Shell Programming and Scripting

::select statement return value with correct field size::

Hi Everyone, I am facing a problem regarding the select from sybase, the return with the incorrect size. For example, field is NAME(20). After i selected from sybase, the result is nicky. after i assign it to another declaration variable, it will be in actual name "nicky" , what i need... (10 Replies)
Discussion started by: ryanW
10 Replies

5. Shell Programming and Scripting

FTP command line username and password passing

Dear All, I am new to unix and I am trying to build a shell script which will connect to a different server by passing username and password from a file or command line but not manually... In short I dont want to connect to a diff server via ftp interactively. Any suggestion...looking... (8 Replies)
Discussion started by: Pratik4891
8 Replies

6. UNIX for Advanced & Expert Users

I was trying this command...am I going correct? other there is better way

I was trying to copy all debs from apt cache to some storage location and I was taking this approach... /var/cache/apt/archives# ls -1 | grep -v jdownloader | fgrep .deb | xargs cp /media/eshant/L-STORE/Softwares/openjdk/an error bla_bla.deb is a not directory stalled me Suggestions please... (9 Replies)
Discussion started by: ezee
9 Replies

7. Shell Programming and Scripting

Need output of script on screen and file with correct return status of the called script.

Hi, I am trying to capture logs of the script in the file as well as on the screen. I have used exec and tee command for this. While using exec command I am getting the correct output in the file but, script output is not getting displayed on the screen as it get executed. Below is my sample... (14 Replies)
Discussion started by: Prathmesh
14 Replies

8. Shell Programming and Scripting

Wget and correct zip for command

If there were 3 files put in a folder on /Desktop/Test then transferred to a site. would gzip -r /Desktop/Test zip them so that wget --http-user cmccabe --http -passwd xxxx*** https://something.sharefile.com/login.aspx -O - | tar -zxf - could be used to connect to the site, login,... (6 Replies)
Discussion started by: cmccabe
6 Replies

9. Shell Programming and Scripting

LS command does not list the correct file

Hi, I am logged into as root & inside the home directory of another user. ls -a # ls -laq total 44 drwx------ 4 user1 adm 4096 Nov 23 05:10 . drwxr-xr-x. 12 root root 4096 Nov 22 13:05 .. -rw-r--r-- 1 user1 adm 18 Nov 22 13:05 .bash_logout -rw-r--r-- 1 user1 adm 193 Nov... (2 Replies)
Discussion started by: mohtashims
2 Replies

10. Shell Programming and Scripting

How to auto correct a failing command?

If a command is not found, e.g. nawk, this is how I fix the problem ] && NAWK=/usr/bin/gawk ] && NAWK=/usr/bin/nawk ] && NAWK=/usr/bin/awkI use $NAWK an the set the appropriate value based on the system it runs. How can I implement a similar fix for a command found but illegal argument.... (6 Replies)
Discussion started by: mohtashims
6 Replies

LEARN ABOUT PHP

runkit_sandbox

RUNKIT_SANDBOX(3)							 1							 RUNKIT_SANDBOX(3)

Runkit_Sandbox - Runkit Sandbox Class -- PHP Virtual Machine

	Instantiating  the  Runkit_Sandbox  class  creates a new thread with its own scope and program stack. Using a set of options passed to the
       constructor, this environment may be restricted to a subset of what the primary interpreter can do and provide a safer environment for exe-
       cuting user supplied code.

       Note

	      Sandbox  support	(required for runkit_lint(3), runkit_lint_file(3), and the Runkit_Sandbox class) is only available as of PHP 5.1.0
	      or specially patched versions of PHP 5.0, and requires that thread safety be enabled. See the README file  included  in  the  runkit
	      package for more information.

SYNOPSIS

       void Runkit_Sandbox::__construct ([array  $options])

DESCRIPTION

CONSTRUCTOR

       $options is an associative array containing any combination of the special ini options listed below.

	      o $safe_mode
		-  If  the  outer script which is instantiating the Runkit_Sandbox class is configured with safe_mode = off, then safe_mode may be
		turned on for the sandbox environment. This setting can not be used to disable safe_mode when it's already enabled  in	the  outer
		script.

	      o $safe_mode_gid
		-  If  the  outer script which is instantiating the Runkit_Sandbox class is configured with safe_mode_gid = on, then safe_mode_gid
		may be turned off for the sandbox environment. This setting can not be used to enable safe_mode_gid when it's already disabled	in
		the outer script.

	      o $safe_mode_include_dir
		-  If  the  outer  script  which  is instantiating the Runkit_Sandbox class is configured with a safe_mode_include_dir, then a new
		safe_mode_include_dir may be set for sandbox environments below the currently defined value.  safe_mode_include_dir  may  also	be
		cleared to indicate that the bypass feature is disabled. If safe_mode_include_dir was blank in the outer script, but safe_mode was
		not enabled, then any arbitrary safe_mode_include_dir may be set while turning safe_mode on.

	      o $open_basedir
		-$open_basedir may be set to any path below the current setting of open_basedir. If open_basedir is  not  set  within  the  global
		scope, then it is assumed to be the root directory and may be set to any location.

	      o $allow_url_fopen
		-  Like  $safe_mode, this setting can only be made more restrictive, in this case by setting it to FALSE when it is previously set
		to TRUE

	      o $disable_functions
		- Comma separated list of functions to disable within the sandbox sub-interpreter. This list need not contain  the  names  of  the
		currently disabled functions, they will remain disabled whether listed here or not.

	      o $disable_classes
		-  Comma separated list of classes to disable within the sandbox sub-interpreter. This list need not contain the names of the cur-
		rently disabled classes, they will remain disabled whether listed here or not.

	      o $runkit.superglobal
		- Comma separated list of variables to be treated as superglobals within the sandbox sub-interpreter. These variables will be used
		in addition to any variables defined internally or through the global runkit.superglobal setting.

	      o $runkit.internal_override
		- Ini option runkit.internal_override may be disabled (but not re-enabled) within sandboxes.

       Example #1

	      Instantiating a restricted sandbox

	      <?php
	      $options = array(
		'safe_mode'=>true,
		'open_basedir'=>'/var/www/users/jdoe/',
		'allow_url_fopen'=>'false',
		'disable_functions'=>'exec,shell_exec,passthru,system',
		'disable_classes'=>'myAppClass');
	      $sandbox = new Runkit_Sandbox($options);
	      /* Non-protected ini settings may set normally */
	      $sandbox->ini_set('html_errors',true);
	      ?>

ACCESSING VARIABLES

	All  variables	in the global scope of the sandbox environment are accessible as properties of the sandbox object. The first thing to note
       is that because of the way memory between these two threads is managed, object and  resource  variables	can  not  currently  be  exchanged
       between	interpreters.  Additionally,  all  arrays are deep copied and any references will be lost. This also means that references between
       interpreters are not possible.

       Example #2

	      Working with variables in a sandbox

	      <?php
	      $sandbox = new Runkit_Sandbox();

	      $sandbox->foo = 'bar';
	      $sandbox->eval('echo "$foo
"; $bar = $foo . "baz";');
	      echo "{$sandbox->bar}
";
	      if (isset($sandbox->foo)) unset($sandbox->foo);
	      $sandbox->eval('var_dump(isset($foo));');
	      ?>

       The above example will output:

       bar
       barbaz
       bool(false)

CALLING PHP FUNCTIONS

	Any function defined within the sandbox may be called as a method on the sandbox object. This also includes a few pseudo-function language
       constructs: eval(3), include(3), include_once(3), require(3), require_once(3), echo(3), print(3), die(3), and exit(3).

       Example #3

	      Calling sandbox functions

	      <?php
	      $sandbox = new Runkit_Sandbox();

	      echo $sandbox->str_replace('a','f','abc');
	      ?>

       The above example will output:

       fbc

	When  passing  arguments to a sandbox function, the arguments are taken from the outer instance of PHP. If you wish to pass arguments from
       the sandbox's scope, be sure to access them as properties of the sandbox object as illustrated above.

       Example #4

	      Passing arguments to sandbox functions

	      <?php
	      $sandbox = new Runkit_Sandbox();

	      $foo = 'bar';
	      $sandbox->foo = 'baz';
	      echo $sandbox->str_replace('a',$foo,'a');
	      echo $sandbox->str_replace('a',$sandbox->foo,'a');
	      ?>

       The above example will output:

       bar
       baz

CHANGING SANDBOX SETTINGS

	As of runkit version 0.5, certain Sandbox settings may be modified on the fly using ArrayAccess syntax. Some settings, such as $active are
       read-only  and  meant  to  provide status information. Other settings, such as $output_handler may be set and read much like a normal array
       offset. Future settings may be write-only, however no such settings currently exist.

       Sandbox Settings / Status Indicators

PHP Documentation Group 													 RUNKIT_SANDBOX(3)
All times are GMT -4. The time now is 08:48 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy