[clug] Wanted: Developer to securely implement a restricted SSH shell

Andrew Janke a.janke at gmail.com
Mon Jan 4 16:28:33 MST 2010

> If you look at my custom shell
> http://www.mammothmedia.com.au/~nats/restricted-shell-job.txt
> I refuse to run with any command line arguments, so specifying
> command="anything" just causes my shell to exit.
> I think I prefer that solution, since it means I can let the user just
> directly edit their authorized_keys file instead of having to parse/build it
> for them.

Well, if you are paranoid, you could start off by replacing:




This will then mean that things like this:

   #! /bin/rbash

   # Any value will do here: rbash makes SHELL read-only, so the
   # assignment on the next line is rejected (the script is line 5)
   SHELL=/bin/bash
   echo $SHELL

Will result in:

   harold:~$ ./a.sh
   ./a.sh: line 5: SHELL: readonly variable

There are lots of other things that rbash does, man tells me this:

       If bash is started with the name rbash, or the -r option is
       supplied at invocation, the shell becomes restricted.  A restricted
       shell is used to set up an environment more controlled than the
       standard shell.  It behaves identically to bash with the exception
       that the following are disallowed or not performed:

       ·      changing directories with cd

       ·      setting or unsetting the values of SHELL, PATH, ENV, or
              BASH_ENV

       ·      specifying command names containing /

       ·      specifying a file name containing a / as an argument to
              the . builtin command

       ·      specifying a filename containing a slash as an argument
              to the -p option to the hash builtin command

       ·      importing function definitions from the shell
              environment at startup

       ·      parsing the value of SHELLOPTS from the shell
              environment at startup

       ·      redirecting output using the >, >|, <>, >&, &>, and >>
              redirection operators

       ·      using the exec builtin command to replace the shell with
              another command

       ·      adding or deleting builtin commands with the -f and -d
              options to the enable builtin command

       ·      using the enable builtin command to enable disabled shell
              builtins

       ·      specifying the -p option to the command builtin command

       ·      turning off restricted mode with set +r or set +o restricted.

