wiki:security:rbash
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
wiki:security:rbash [2014/11/01 09:23] woglinde |
wiki:security:rbash [2014/11/01 10:00] woglinde [Security concerns] |
||
|---|---|---|---|
| Line 17: | Line 17: | ||
| * no redirections via > and >> are allowed | * no redirections via > and >> are allowed | ||
| * no calls of binaries via complete path | * no calls of binaries via complete path | ||
| - | * no changes | + | * no changes |
| But be aware, if rbash detects that a executebale is a shell-script it will be run with full bash. | But be aware, if rbash detects that a executebale is a shell-script it will be run with full bash. | ||
| Line 93: | Line 93: | ||
| </ | </ | ||
| + | ===== Security concerns ===== | ||
| + | There could be still problems to brake out of rbash, no one yet made a security audit of the linked x2go scripts, if they allow the execution of a real shell | ||
| + | via options. | ||
| ====== rbash as default shell (optional)====== | ====== rbash as default shell (optional)====== | ||
| Line 98: | Line 101: | ||
| to be fixed too. | to be fixed too. | ||
| + | In | ||
| + | <code bash> | ||
| + | / | ||
| + | </ | ||
| + | the lines with | ||
| + | |||
| + | <code bash> | ||
| + | system(" | ||
| + | </ | ||
| + | |||
| + | needs to be changed to | ||
| + | |||
| + | <code bash> | ||
| + | system(" | ||
| + | </ | ||
wiki/security/rbash.txt ยท Last modified: 2014/11/03 13:07 by woglinde
Imprint & Legal Disclaimer -
Data Protection & Privacy Statement
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3