On Sat, Jul 05, 1997 at 07:44:02AM +1000, John Foster wrote: > On Fri, 4 Jul 1997 [EMAIL PROTECTED] wrote: > > > > #!/bin/sh > > cat <<__EOF__ > > No telnet login allowed. > > > > ** Insert the motd here ** > > > > __EOF__ > > sleep 5 > > exit 0 > > > > And if the remote user managed to interrupt it would they get > /bin/sh?, with EUID 0? > > And what if the sleep call was suspended? > > I don't think a shell script could ever be a secure shell...
If they interrupted the script, the interpreter (/bin/sh) would exit, and so there'd be nothing left running. And it wouldn't be root anyway -- setuid scripts are not allowed (by the kernel) because they are prone to security problems. hamish -- Hamish Moffatt, StudIEAust [EMAIL PROTECTED] Student, computer science & computer systems engineering. 3rd year, RMIT. http://hamish.home.ml.org/ (PGP key here) CPOM: [***** ] 50% The opposite of a profound truth may well be another profound truth. --Bohr -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
