Re: LYNX-DEV Securing lynx 2.6 for use as a shell

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Securing lynx 2.6 for use as a shell

From:	David Woolley
Subject:	Re: LYNX-DEV Securing lynx 2.6 for use as a shell
Date:	Fri, 22 Nov 1996 08:58:14 +0000 (GMT)

> 
> Can you point me to a document that describes how to secure lynx so that
> users absolutely CANNOT run /bin/sh from within lynx?  We've secured our

There was a good article on comp.risks in the last couple of weeks 
explaining why this is an impossible request.  The basic thesis was that
making a system secure requires every loophole to be identified and 
plugged, but breaking security only requires someone to find the n
plus oneth.

However, you should look carefully at how Lynx is launched and the
external programs (mailers, mailcap, printers) that is can access.
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;

[Prev in Thread]

Current Thread

[Next in Thread]

LYNX-DEV Securing lynx 2.6 for use as a shell, Sean Harp, 1996/11/21
- Re: LYNX-DEV Securing lynx 2.6 for use as a shell, Drazen Kacar, 1996/11/21
- Re: LYNX-DEV Securing lynx 2.6 for use as a shell, David Woolley <=
- Re: LYNX-DEV Securing lynx 2.6 for use as a shell, Nelson Henry Eric, 1996/11/22
- Re: LYNX-DEV Securing lynx 2.6 for use as a shell, WHITLOCK, 1996/11/23
- Re: LYNX-DEV Securing lynx 2.6 for use as a shell, Foteos Macrides, 1996/11/24
- Re: LYNX-DEV Securing lynx 2.6 for use as a shell, Nelson Henry Eric, 1996/11/26

Prev by Date: Re: LYNX-DEV netscape mailing list
Next by Date: Re: LYNX-DEV Securing lynx 2.6 for use as a shell
Previous by thread: Re: LYNX-DEV Securing lynx 2.6 for use as a shell
Next by thread: Re: LYNX-DEV Securing lynx 2.6 for use as a shell
Index(es):
- Date
- Thread