Hello fellow Debianites! I want do do a custom CLI for a project, and I am quite happy with the Python cmd module. Aside from having a practically un-googleable name it is very nice, and does a lot with very little code. So far, so good. But:
If I write a Python script with this module, and expose it to the internet via SSH, will hell break loose? So far I've done the following: 1. Put my script in /usr/local/bin/turtle (the canonical example in the docs is something with turtle), you can see the sourcecode of my script here: https://pi.h5.or.at/mockturtle.txt This script does absolutely nothing sensible, you can try it out by doing a ssh -l admin probe.aisg.at from a IPv6 capable host (sorry, no IPv4). The password is "admin". Any and all suggestions on stuff that is stupid and crazy from a security standpoint in this script are very much appreciated! 2. Then I put /usr/local/bin/turtle in /etc/shells 3. I added a user "admin" that has /usr/local/bin/turtle as shell 4. I added following stanza to /etc/ssh/sshd_config Match User admin X11Forwarding no AllowTcpForwarding no ForceCommand /usr/local/bin/turtle 5. In the script I tried to catch the Ctrl-C signal, so the interpreter does not give out too obvious error messages (that show what is going on behind the scenes). Is this enough to harden this setup against escaping into a shell or the full python interpreter, to do something nasty? Or is it completely crazy, because theere is some way to abuse a setup like this, that I have not found yet? TIA Ralph
