[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Securing lynx 2.6 for use as a shell
From: |
David Woolley |
Subject: |
Re: LYNX-DEV Securing lynx 2.6 for use as a shell |
Date: |
Fri, 22 Nov 1996 08:58:14 +0000 (GMT) |
>
> Can you point me to a document that describes how to secure lynx so that
> users absolutely CANNOT run /bin/sh from within lynx? We've secured our
There was a good article on comp.risks in the last couple of weeks
explaining why this is an impossible request. The basic thesis was that
making a system secure requires every loophole to be identified and
plugged, but breaking security only requires someone to find the n
plus oneth.
However, you should look carefully at how Lynx is launched and the
external programs (mailers, mailcap, printers) that is can access.
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;