Using perl for a limited shell

S

Sandman

Would perl be a good course to take if I wanted to create a limited shell for a
person logged into linux/unix?

I'm thinking a while(<>) loop that takes commands and have a "ok" list who
pipes them to an external process (such as "ls").

Would it be possible to launch applications that "take over" the screen in such
an environment? Such as pine.

Just a wild idea I got before checking out other ways to limit a users shell.
Any other ideas would also be appriceated. :)
 
W

Walter Roberson

:Would perl be a good course to take if I wanted to create a limited shell for a
:person logged into linux/unix?

:I'm thinking a while(<>) loop that takes commands and have a "ok" list who
:pipes them to an external process (such as "ls").

You might want to look on cpan.org for the various 'BBS' programs.


:Would it be possible to launch applications that "take over" the
:screen in such an environment? Such as pine.

Yes, but you have to be careful, as many such programs have "shell escapes"
that could allow users to break out of their box.
 
M

Malcolm Dew-Jones

Sandman ([email protected]) wrote:
: Would perl be a good course to take if I wanted to create a limited shell for a
: person logged into linux/unix?

Not sure, but before you do, look for similar efforts already done. There
is at least one fully working shell written using perl (psh ? really not
sure), and I think several others as well.

: I'm thinking a while(<>) loop that takes commands and have a "ok" list who
: pipes them to an external process (such as "ls").

ouch

: Would it be possible to launch applications that "take over" the screen in such
: an environment? Such as pine.

yes

: Just a wild idea I got before checking out other ways to limit a users shell.
: Any other ideas would also be appriceated. :)

how about a regular shell in restricted mode (rsh, rksh, bash with an
option or started via the correct name - look them all up to be sure).

(rsh is commonly referred to as a "remote" shell, but do not be confused,
it's the same program, if you allow someone to access you _remotely_ you
typically want them to have a _restricted_ environment within which to
work)
 
R

Richard Williams

Walter Roberson said:
:Would it be possible to launch applications that "take over" the
:screen in such an environment? Such as pine.

Yes, but you have to be careful, as many such programs have "shell escapes"
that could allow users to break out of their box.

Pine itself is (or at least was) one such program (indirectly) - e.g. if
the user configures pine to use vi as the 'alternate editor', and your
version of vi has a shell escape...

Richard.
 
J

Jaap Karssenberg

You could take the framework of the Zoidberg shell
<http://zoidberg.sf.net>, turn off all defaults and write a simple
plugin that checks commands in your "ok list". Though the framework is
not yet entirely stable and might be a bit heavy for what you had in
mind.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,901
Latest member
Noble71S45

Latest Threads

Top