Quote: Originally Posted by ppucci
I already have the exit commands in my script to log out, but should the user break the script I still want him to be logged out or returned to the script, meaning I do not want him getting to the shell prompt by any means.
If you're worried about security then you'll need to be careful about what commands you use in your menu options.
If you're doing commands like:
    echo "2 - Display something"
    ...
    echo "5 - List some stuff"
    echo "6 - Display system information"
You may be thinking to pipe multi-page output to less or more so the user can page through it.
A place I once worked had menu scripts that ran as root and paged files with less, which I found rather convenient when I needed a root shell on that box in an emergency... all I needed to do was go into the menu and choose the file viewer and type !<Enter> and I had a root shell!
If you read the less man page you will find:
    When the environment variable LESSSECURE is set to 1, less runs in a "secure" mode. This means these features are disabled:

        !      the shell command
        |      the pipe command
        :e     the examine command.
        v      the editing command
        s  -o  log files
        -k     use of lesskey files
        -t     use of tags files
               metacharacters in filenames, such as *
               filename completion (TAB, ^L)

That'll be something you'll want to export as a variable at the top of your script if you're going to use less.
When you try to lock something down your own way, using tools that weren't designed specifically for embedding in secure menus, you need to be smart enough to be able to second-guess everyone who will get access to the system, and shut off any loopholes they could abuse before they find them.
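
Added example, not part of the original post: a menu skeleton that combines the two points in this thread, ignoring the break keys and exporting LESSSECURE=1 before less is ever started. The function names and the commands behind options 5 and 6 are hypothetical stand-ins.

```shell
#!/bin/sh
# Added example: restricted menu skeleton (names and commands are hypothetical).

# Ignore Ctrl-C, Ctrl-\ and Ctrl-Z so "breaking" the script does nothing.
# Ignored signals stay ignored in children such as less.
trap '' INT QUIT TSTP

# Must be in the environment before less starts; turns off !, |, :e, v,
# s/-o, -k, -t, filename metacharacters and filename completion.
export LESSSECURE=1

# Page output from a pipe; the user never supplies a file name.
page() {
    if [ -t 1 ] && command -v less >/dev/null 2>&1; then
        less
    else
        cat    # output is not a terminal, or less is missing
    fi
}

# Map one line of input to a fixed action; anything else is rejected.
choose() {
    case "$1" in
        5) echo list ;;
        6) echo sysinfo ;;
        q) echo quit ;;
        *) return 1 ;;
    esac
}

run_action() {
    case "$1" in
        list)    ls -l / | page ;;
        sysinfo) uname -a | page ;;
    esac
}

menu() {
    while :; do
        printf '5 - List some stuff\n6 - Display system information\nq - Log out\nChoice: '
        read -r input || exit 0    # EOF (Ctrl-D) ends the session
        action=$(choose "$input") || { echo "Invalid choice"; continue; }
        [ "$action" = quit ] && exit 0
        run_action "$action"
    done
}

# Only start the loop when asked, so the functions can be tested alone.
if [ "${1:-}" = "--menu" ]; then menu; fi
```

This assumes the script is started with exec from the account's login profile (or set as its login shell), so that exit ends the session instead of returning to a prompt.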