[clug] Wanted: Developer to securely implement a restricted SSH shell

Nathan O'Sullivan nathan at mammoth.com.au
Mon Jan 4 16:34:55 MST 2010

On 05/01/10 10:28, Andrew Janke wrote:
>> If you look at my custom shell
>> http://www.mammothmedia.com.au/~nats/restricted-shell-job.txt
>> I refuse to run with any command line arguments, so specifying
>> command="anything" just causes my shell to exit.
>> I think I prefer that solution, since it means I can let the user just
>> directly edit their authorized_keys file instead of having to parse/build it
>> for them.
> Well if you are paranoid, you could start of by replacing:
>     #!/bin/bash
> with
>     #!/bin/rbash
I think it may be worth going to C/python/perl for this reason, to 
further restrict potential mischief.

More information about the linux mailing list