Hi. On Sat, 18 Jan 2014 14:50:21 +0000 Chris Davies <chris-use...@roaima.co.uk> wrote:
> Reco <recovery...@gmail.com> wrote: > > Set up another user with /bin/rbash (not straight /bin/bash) as a shell. > > Set PATH in .bashrc of said user to that program. > > Unfortunately rbash has a race condition built in to its execution of > .profile by definition (it doesn't disable the interrupt signal until > after the .profile has been executed, so it becomes quite possible to > Ctrl/C during login and gain an interactive shell). You'd be better off > with rksh, which works properly. Didn't know it, thanks. > But then again, .profile can be bypassed by a non-interactive login: > > ssh remotehost mv -f .profile .p > ssh remotehost 'chattr +i .profile' should solve that issue. In fact, in OP's situtation I'd chattr'ed anything in restricted user's home. Reco -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140118201149.ad063d1e8d0a7989d9d9c...@gmail.com
