[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Securing lynx 2.6 for use as a shell
|
From: |
Nelson Henry Eric |
|
Subject: |
Re: LYNX-DEV Securing lynx 2.6 for use as a shell |
|
Date: |
Fri, 22 Nov 1996 13:02:40 +0900 (JST) |
> users absolutely CANNOT run /bin/sh from within lynx? We've secured our
> lynx 2.6 copy as best as we know how, but users are still able to fork a
> shell from within lynx and then arbitrarily telnet anywhere they want
How exactly are they doing this, i.e., what are the exact keystrokes they
use? I have a great interest in security matters. Thank you.
As to your question, are you running lynx with the command line switch
`-validate'. Also, perhaps you want to be running this as an anonymous
account, and as such you need to define the name of the anonymous
account in userdefs.h at compile time. There are MANY restriction
options that are available at compile time by modifying userdefs.h, or
at run time with the -restrictions=[options] command line switch.
There is no need in an anonymous account to even give the user a shell
in the first place, thus there should be no way to `fork a shell',
although I admit I don't understand what that means, and why I ask how
they are doing it.
__Henry
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;